Can't access JPS admin console with Safari in Catalina


I can't seem to access the Jamf Pro web interface using my server's DNS name from Safari 13 in Catalina. This has been true throughout beta testing. When I navigate to it I get no errors or any output. Just a white window with the progress bar stuck at maybe 10%.
I have two Jamf servers, one internal with database, one in DMZ with interface disabled. Both share an SSL cert with a valid Subject Alternative Name.
I can access the admin interface if I go directly to the server's local hostname, though I have to pass through the "This Connection Is Not Private" screen. I can even view the valid cert for the intended DNS name from this screen. I think it's just showing it because the names don't match.
Safari 13 in Mojave connects just fine. Chrome and Firefox in Catalina work fine too.
Recon et c. have no problems internally or externally.

Anyone else seeing this?


Contributor III

Just tested mine, its slower and the login screen takes a bit to load but otherwise it works!

New Contributor II

We also have this issue, but in only 1 location. All of our other locations it works fine.

You guys behind a proxy?


We are.
Here's the thing. I decided to test out the native Jamf Kerberos SSO configuration profile instead of the downloaded and signed one from the beta and changing some things in there seemed to help. If I change my hosts entry from to I can suddenly load the admin page (it prompts for username and password) however none of the sites that redirect to for Single Sign On work now. Same issue, just a white page with no clue about what's happening.
It looks like I have to keep poking at the Kerberos extension...


So I removed the leading . from the hosts entry. Now I just have The profile saves and is distributed and all sites work normally. I think this basically makes the Kerberos SSO extension not do anything when it comes to SSO in browsers or apps. I'm saving my SSO credentials in keychain which is probably why it's working.