anyone has issue on deploy the zscaler app with the root cert not trust ?
I recently deploy Zscaler , but root trust show red "x" on the keychain access. anyway to get it around by putting command in jamf policies ?
Page 1 / 1
@Laura7878 we went with the Configuration Profile approach.
Added the Zscaler cert as Configure Profile.
Made sure profile is scoped to appropriate devices.
Deploy Zscaler.
can you please tell me where to get the root cert from the zscaler portal?
someone is manage this and they have no idea where to get
can you please tell me where to get the root cert from the zscaler portal?
someone is manage this and they have no idea where to get
Same here. I do not have access to the portal itself. I just requested the team to send me the certs. They were able to figure it out.
Also, have you try exporting that cert from your keychain?
Just got the cert from the team by letting them know they have to figure out. great help there :)
I have not be able to , This is the first Mac that i deploy via jamf , not sure how to get it form the keychain.
by the way , this happen , do i need to convert ?
Keychain Access > Zscaler Root CA > Export "Zscaler Root CA" > defaults to .cer format.
super helpful . thank you . that save tons of time to trying convert the root CA .
one last question please. how do you setup upgrade/patch the Zscaler ? I tried to go patch managment seems not able to find Zscaler.
super helpful . thank you . that save tons of time to trying convert the root CA .
one last question please. how do you setup upgrade/patch the Zscaler ? I tried to go patch managment seems not able to find Zscaler.
If we need to update the Zscaler application, we just create a policy to push out the new package. We have no issues overriding the Zscaler. We don't disable/uninstall it. We just deploy the new version to the computer via a policy.
i thought for the upgrade is :
1. upload package
2. set up policies
3. go to patch management , select the new definition and create new patch policies also setup the immediate push
4. end user got the new version upgrade
Well, that's if the application is listed in Patch Management.
Applications which are not part of Patch Management can still be updated by using Jamf Policy alone. Just have to scope and define frequency and trigger appropriately.
thank you very much to clear this up .
the Jamf trainer didn't tell us that , i thought there is no way to update the version if it is not list.
@Laura7878 we went with the Configuration Profile approach.
Added the Zscaler cert as Configure Profile.
Made sure profile is scoped to appropriate devices.
Deploy Zscaler.
Hi, thanks for this solution. Do you know why the Zscaler certificate was deployed as an Untrusted certificate?
Hi, thanks for this solution. Do you know why the Zscaler certificate was deployed as an Untrusted certificate?
The problem is that the certificate has been issued for too long.
TLS server certificates must have a validity period of 825 days or less (as specified in the NotBefore and NotAfter fields of the certificate).
Connections to TLS servers that violate these new requirements will fail and can cause network outages and app failures. Also, websites may not load in Safari in iOS 13 and macOS 10.15.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.