Help

Deploying user certificates

gorakwedi
New Contributor

Posted on ‎08-12-2022 05:36 AM

Hello
I'm new with Jamf so I'm sorry if my question is stupid.
I need to deploy unique certificates to every MacOS user managed by my Jamf.
What is the most optimal method to do that? I read something about an ADCS connector but I'm not sure if it is what I looking for.

https://nox.tips/ https://xender.vip/
0 Kudos
2 REPLIES 2

ChrisUrsich
New Contributor II

Posted on ‎08-12-2022 07:02 AM

gorakwedi,

Do you already know which certificate authority you want to issue the certificates?  I'm new to this, but currently working on the same problem.  If your organization already runs an Active Directory Certificate Services infrastructure, then yes, the AD CS Connector would seem to be a good approach.  Other, third-party CAs can also be used, and JamfPro itself can apparently also serve as a CA, though I haven't experimented with that.

If you do take the ADCS approach, here are useful things to read or watch:

Chris

0 Kudos

Tangentism
Contributor II

Posted on ‎08-12-2022 02:02 PM

As @ChrisUrsich has said, if you have a Windows AD infrastructure, ADCS is a great tool to use to help with certificate requests but the answer is all dependent on what you want to do with the certificates and what infrastructure you're working with.

You might find that SCEP is a better solution. This article might help you decide which is better for you

I've recently set up two instances of ADCS Connector, had similar issues with both and this was a helpful troubleshooting document from Jamf [PDF hosted on Github]. Both cases it was for customers to issue certificates for Wi-Fi authentication. One had device based certificates and the other had user certs for both laptops and iOS.

 

0 Kudos