Can anyone shed some light on what I need to do when it comes to the 'Certificate Download' and 'Upload Additional Certificate' options?
I've went thorough all the docs I can find and the most helpful line is this:
"save the certificate in the appropriate location dictated by your web server vendor."
That just doesn't help me much.
I have our images on an apache2 web server and they working correctly using SSL. They are accessible inside our network and out. When I attempt to add our wildcard certificate as the 'Additional Certificate', I get a message that it has not been uploaded. You can see the process in the pics.
Does anyone had more detailed information on what to do with the certificate I get from the Download button and what certificate to upload as an Additional Certificate?
When I use the test button and use a valid url to a user image, I get this:
@luke.reagor this was tricky, but I got it working. JAMF support provided me some documentation that got it all working for me. My first mistake was trying to get it working from a Win2012R2 server. Maybe it's possible but way beyond my understanding of certs. Once I spun up a Ubuntu VM and followed their directions I got it working. Once I get back to my desk I'll post them here.
Are you putting all your images in a single directory? Are the images named in a systematic way? Based on user ID or something similar?
Here is the document that was provided that helped me set up my Ubuntu VM: here
Ignore the last couple pages that are about setting up IIS (which doesn't work as of now, I think they were a work in progress). Also, don't forget (if you haven't already) when your setting up your URL on the settings pages you posted to put the appropriate variable at the end of the URL (including the extension). ex. https://imageserver.com/studentimages/$USERNAME.png
ASM Reference Here: Casper Admin Guide
@ssrussell, Thanks for the info. I already had that part working, so it didn't help with my specific issues. However, I did get some instructions from our TAM that helped further explain how to get the images working. Here's the document:
Hopefully it may help others.
Unfortunately, this process has helped us discover a problem in our DB that is preventing us from uploading certificates, and therefore causing us to get the errors in the pics above.
To wrap up our issue, we found that a chrome extension was preventing us from performing certain actions on the JSS's webpages, including uploading the certs. Once we had the extension problem under control, we could get back to configuring the web server to host the images. While the JAMF photo server doc [https://drive.google.com/open?id=0B1G0Rt4a6S4vTldNQ1JRWkVzaE0](link URL) was extremely helpful, we are using haproxy for load balancing so we had to do things a little different to get it working on that server. Here's the instructions for the haproxy configuration : [https://drive.google.com/open?id=1O_gXyCguULy6Qw_oBA7glhkyQgDOGX4ljaOTqHEzXwA](link URL)
@nethers We didn't push out any specific certs to clients for the photo server. We have two bind statements in haproxy, one for the standard 443 port ( bind :443 ssl crt /etc/ssl/our_wildcard_cert.pem ) which is our wildcard cert, and one for the port we use for the photo server ( bind :9999 ssl crt /etc/ssl/webcert_w_key.pem ca-file /etc/ssl/photoca.pem verify required ).