Jamf Pro 3rd party SSL cert

Question

Reading documentation about 3rd party SSL certs and Jamf Pro. We are in the process of automating our Jamf Pro SSL cert renewal and I keep seeing that you need upload the 3rd party cert using the Jamf Pro interface. Is this that case? We already have a script for renewal that stops tomcat, edits the server.xml file with the correct cert info and re-starts tomcat. Do you also need to upload the cert into the Jamf console? is the cert also stored in the Jamf Pro DB?

“Note:If your environment is clustered, you must log in to the Jamf Pro web app for each Apache Tomcat node and create or upload any SSL certificates for each node””

This also comes up with migrating Jamf Pro to another server documentation (which we are also working on)

AJPinto · Answer

Im assuming you are on prem. No you don't need to do it through the Jamf GUI, you can use the java keystore on the web server just fine. Jamf does not support this workflow, but you absolutely can use PowerShell commands to update the java keystore to update the TLS certificates and bounce the service.

I moved to cloud about 5 years ago, but prior to the cloud move I did it all on the Windows server in the command line manually as I like to suffer, so I know it can be scripted.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded