9.96 External CA Product Issue FYI

iJake
Valued Contributor

There appears to be an issue with JSS 9.96 and External CA. The 9.96 binary fails to properly download/install the cert on the clients which breaks enrollment. Existing or new record of the client doesn't matter. Just a heads up for probably those few others that use an external CA with their JSS. If/when I get a defect id I can update the post.

2 REPLIES 2

were_wulff
Valued Contributor II

@iJake ,

Are you using a dynamic challenge in your environment?

If so, it's likely that you're running into PI-000879, in which we run into the inability to enroll using an External CA configured with a dynamic challenge.

If you're using a static challenge, it's likely not that PI however, as that PI is specific to dynamic challenge setups.

Without knowing more about what's failing, what errors are happening, etc...I don't want to say for sure that it's PI-000879 even if it sounds similar, so it would be worth it to get in touch with your TAM if you haven't already to dig into it a bit more and either confirm that what you're seeing is PI-000879 or rule it out and get to the bottom of what's going on.

Thanks!
Amanda Wulff
JAMF Support

iJake
Valued Contributor

@amanda.wulff We are using a static challenge so not that issue. We've got our STAM in the loop but wanted to post to give others the heads up.