Skip to main content

We've recently changed our URL for our JSS from a .local address to a .net to enable us to use a third party cert for our external JSS.



However, as part of this the URI for the PKI is not available externally. To enrol externally it needs the CA Authority cert which it can't access so the enrol fails.



I'm trying to look at ways to edit the QuickAdd with a preflight and:



jamfremoveFramework
Then install the CA (CN=CompanyName (London) JSS Built-in Certificate Authority.pem



Has anyone else had any luck with this, or any ideas on how to make this better?



Cheers
Jonny

I would probably use a tool like Packages with the following:




  • Add the .pem file and the original quickadd.pkg to the scripts section

  • Create a preflight script that runs jamf removeFramework, uses the security command line tool to install the .pem and then the installer command to install the quickadd.



If this doesn't make any sense at all let me know and I'll put some more specific instructions. This is just the high level approach.



Hope it's of help.

Nice little writeup here as well GETTING MORE OUT OF A QUICKADD PACKAGE

Terms & ConditionsCookie settings