Help

Can the Jamf pro built in CA be accessed via scep by jamf pro configuration profiles?

Go to solution
Ferri
New Contributor

Posted on ‎12-17-2021 11:46 AM

Hi, we need to create a few certificate authenticated wifi profiles to distribute to macs, as the office is mainly windows  and the number of macs is 20 or so, there is not much desire to set up an azure app proxy, ndes etc to allow jamf pro to connect to the internal CA through scep to generate certs, but looking through the documentation am not sure if it is possible to access the internal CA through scep when creating a new wifi profile. 

 

0 Kudos
Reply
1 ACCEPTED SOLUTION

Go to solution
sdagley
Esteemed Contributor II

Posted on ‎12-17-2021 01:01 PM

@Ferri If your 802.1x authentication system is expecting a certificate from your org's internal CA then if there was a way to have Jamf Pro's built-in CA deliver a cert via SCEP (which I do not believe is possible) would not help. I'd suggest going through the process of setting up a proxy between your internal CA and your Jamf Pro instance so that certs can be delivered via Jamf Pro. It may be a little pain to set up, but once done it greatly simplifies dealing with certificates.

View solution in original post

0 Kudos
Reply
4 REPLIES 4

Go to solution
sdagley
Esteemed Contributor II

Posted on ‎12-17-2021 01:01 PM

@Ferri If your 802.1x authentication system is expecting a certificate from your org's internal CA then if there was a way to have Jamf Pro's built-in CA deliver a cert via SCEP (which I do not believe is possible) would not help. I'd suggest going through the process of setting up a proxy between your internal CA and your Jamf Pro instance so that certs can be delivered via Jamf Pro. It may be a little pain to set up, but once done it greatly simplifies dealing with certificates.

0 Kudos
Reply

Go to solution
Ferri
New Contributor
In response to sdagley

Posted on ‎11-02-2022 04:47 AM

yup, on both counts, was a pain to set up, does work perfectly once set up properly. the internal ca cannot be used for this purpose.

0 Kudos
Reply

Go to solution
ashay_mudya
New Contributor II
In response to Ferri

Posted on ‎07-17-2023 09:21 AM

@Ferri @sdagley  We have the External CA  setup to enable Jamf pro  as SCEP proxy for configuration profiles . Wanted to know if certificate uploaded on signing certificate option is  valid or not , dont have any option to view it 

ashay_373_0-1689610872252.png

 

 

 

0 Kudos
Reply

Go to solution
husnudagidir
Contributor

2 weeks ago

Hi Everyone,

Were you able to successfully deploy this by requesting a certificate from a Windows NDES server with a SCEP profile? I've been trying to do this for a while now but to no avail. My NDES server settings are correct. But I think I'm missing something in the SCEP settings in Jamf Pro.

0 Kudos
Reply