Jamf Nation Community

jonnydford · ‎05-20-2015

We've recently changed our URL for our JSS from a .local address to a .net to enable us to use a third party cert for our external JSS.

However, as part of this the URI for the PKI is not available externally. To enrol externally it needs the CA Authority cert which it can't access so the enrol fails.

I'm trying to look at ways to edit the QuickAdd with a preflight and:

jamfremoveFramework
Then install the CA (CN=CompanyName (London) JSS Built-in Certificate Authority.pem

Has anyone else had any luck with this, or any ideas on how to make this better?

Cheers
Jonny

davidacland · ‎05-20-2015

I would probably use a tool like Packages with the following:

Add the .pem file and the original quickadd.pkg to the scripts section
Create a preflight script that runs jamf removeFramework, uses the security command line tool to install the .pem and then the installer command to install the quickadd.

If this doesn't make any sense at all let me know and I'll put some more specific instructions. This is just the high level approach.

Hope it's of help.

View solution in original post

jhbush · ‎05-20-2015

Nice little writeup here as well GETTING MORE OUT OF A QUICKADD PACKAGE