Help

Certificates - Mac deployment

KRIECCO
Contributor

Posted on ‎03-05-2018 04:24 AM

What is the best practice regarding deployment of certificates. I have about 200 mac in a typical windows environment with 5000 PC´s .
So there is root certificates and are also running office 365 where there seems to be some certificates, as outlook often prompts for certificates on mac

Is the best way to deploy them through server app and configuration profiles or is there any option to get this running through different ways ?. Looking for some guides describing it more detailed

Labels:
0 Kudos
Reply
2 REPLIES 2

al_platt
Contributor II

Posted on ‎03-05-2018 07:25 AM

If they're just root certs (or the same cert for all computers) then config profiles are the way to go.

If you need individual certs then config profiles using SCEP.

0 Kudos
Reply

alexjdale
Valued Contributor III

Posted on ‎03-05-2018 08:19 AM

I personally deploy them with scripts. Simply echo the cert out to a file and then import it with whatever trust settings you'd like. More control than you get with profiles, and there has been at least one instance in the past where after a macOS update, it wasn't properly handling the chain of trust with profile certs which broke wifi auth.

For AD certs, I use a profile.

0 Kudos
Reply