Solved

Error using signed configuration profile ??

4 years ago
March 25, 2021
5 replies
3 views

robbo007
Contributor
17 replies

Hi everyone,
I've followed this guide: https://www.jamf.com/jamf-nation/articles/649/creating-a-signing-certificate-using-jamf-pro-s-built-in-certificate-authority

And i'm signing my configuration profile with this command:
/usr/bin/security cms -S -N "JamfSign" -i ~/Desktop/Custom.mobileconfig -o ~/Desktop/Custom-signed.mobileconfig

I don't get any errors when signing but when I try and upload the signed configuration profile to Jamf I get a "File cannot be processed" error. If I double click on the signed profile to test it on a mac I get an error opening it.

Any ideas what I'm doing wrong?

Thanks,

Best answer by mainelysteve

@robbo007 Have you used Profile Creator before? It has Jamf Connect payloads prebuilt and the profile can be signed during the export process without too much guesswork.

View original

Did this topic help you find an answer to your question?

jmandler
Contributor
11 replies
4 years ago
March 25, 2021

Possibly a silly question, but are you using "JamfSign" as the common name (CN) of the certificate? The data after --sign must be the CN.

robbo007
Author
Contributor
17 replies
4 years ago
March 25, 2021

Good question. No, I'm using the actual certificate I created in keychain and then uploaded to my jamf server then added again to my keychain again. (process is the same as start of the document). I've also tried using the -Z" value "Subject Key Identifier" to sign the configuration and I get the same results.

The configuration profile I'm using was created on the jamf server and then downloaded.

I'm try to get jamfconnect Azure AD integration working under Prestage. IT works if I push out via policies to the already enrolled computers but I need this working at prestage level.

+16

mainelysteve
Contributor
634 replies
Answer
4 years ago
March 25, 2021

@robbo007 Have you used Profile Creator before? It has Jamf Connect payloads prebuilt and the profile can be signed during the export process without too much guesswork.

robbo007
Author
Contributor
17 replies
4 years ago
March 25, 2021

@mainelysteve Thanks I'll take a look.

robbo007
Author
Contributor
17 replies
4 years ago
March 26, 2021

Right Profile Creator rocks. So much easier. Got the profile signed and now prestage authenticates with Azure AD. Cheers

Reply

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos + marketing

Reply

Related topics

Help with Platypus / Cocoa Dialogue...bash rsync scripticon

Need Help with Script in Self Service; Prompt User for usernameicon

Rsync Script Help - verbose status?icon

Automation of steps for zero touch deploymenticon

Casper Automation of Mac Mini Server Buildsicon

Most helpful members this week

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings