Hi all,



We have an internal CA. That in turn has created a cert for our JSS.



Our base images are created from the installer packages in Casper admin. (like an InstaDMG image).



If we tell the clients that the JSS has a valid cert, the devices cannot verify the cert as they do not have the root CA cert installed.



So, would creating a custom PKG that installs the root CA cert & trusts it, with the pkg being installed at the OS compile, resolve this issue?

Sorry that made little sense.



If I tell the JSS it has a valid cert, @ build the client will not verify the cert as it does not trust the CA.



So would installing the CA as part of the image resolve this?


I lay down a package that puts the certs in a temp folder then I used to do a script that injected Certs on first login of each user (including a policy flush post imaging of course), now I use the configuration profile. I don't know if that would work for you or not.


Thanks Matt.



But if your clients expect the JSS to have a valid cert, yet they do not have the root CA installed.



Does the first run policy fail as the client doesn't trust the JSS?


I successfully managed to do this, but have since purchased a public SSL cert for my JSS authentication.



This then deploys my company's root CA cert etc.