Posted on 10-18-2017 03:18 AM
I want to deploy an internal SSL Certificate to our macOS Clients and I would like that Certificate to be trusted. Ideally I would prefer to do this with just a Profile and not script it.
I have a Profile which has the Public CA Root certificate and and the SSL certificate. The CA certificate is installed and Fully Trusted - however the SSL remains set to "System Defaults".
My understanding was, if a Certificate is deployed via a Profile it is automatically trusted be the client but this doesn't seem to happen ¯_(ツ)_/¯
Has anyone managed to do this without having to run a script to trust the SSL cert??
Posted on 10-18-2017 03:51 AM
The Mac “defaults” to trusting signed certain. That being said if that is not what you are observing, two things .... check your Clock ... and don’t forget any intermediate Certs that your CA may use if going by profile. I presume when building your cert payload that you also configured trust settings.
If you do want to do it with an installer package or something, try this: https://groups.google.com/forum/m/#!topic/macenterprise/OvdjAJMi7R4
Posted on 10-18-2017 04:11 AM
Thanks for the reply - What do you mean by "I presume when building your cert payload that you also configured trust settings."