Question

ADCS - Failed to inject certificates into the profile

Forum|Forum|4 years ago
October 12, 2021
28 replies
271 views

V

+4

valkyrie
Contributor

Hi guys

I am out of ideas, I'm hoping someone here can help me.

We use Global Protect in our company, and have set up the jamfconnector to retrieve the certificates.

We have an ADCS configuration profile, which has been working fine up until now. Newly enrolled computers aren't getting their certificates anymore. When I go to check this in 'management' for that computer, I get the error 'Failed to inject certificates into the profile'. Any ideas where the issue could be? Connection to the jamfconnector and issueing server should still be ok.

Thanks!

Valérie

Show first post

1
2

Forum|pagination.label 2 / 2

V

+1

varun1
New Contributor
Forum|Forum|3 years ago
January 12, 2023

My issue turned out to be a firewall problem. Adjusting the firewall traffic resolved the issue. Even if the machine has a long name like "Brandon Wood's Macbook Pro", it still get the cert within seconds.

@bwoods we have an issue where the JAMF team is suspecting a firewall issue, like the certificate provided by jamf is getting dropped and in ADCS we are getting 403, can you please tell any what changes were made in firewall.

Like

+14

bwoods
Honored Contributor
Forum|Forum|3 years ago
January 12, 2023

@bwoods we have an issue where the JAMF team is suspecting a firewall issue, like the certificate provided by jamf is getting dropped and in ADCS we are getting 403, can you please tell any what changes were made in firewall.

@varun fixing this issue really depends on what type of relationship you have with your network team. I had to have three 4 hour sessions with my team. Luckily, we had the Jamf Infrastructure Manager configured and used it as a reference for how traffic should move through the firewall. You will need to send them Jamf's documentation and navigate through the firewall rules one by one.