Installing the JSS SCCM Proxy Service

New Contributor


we are having our internal CA server so i would like to know the certificate part and ISV enrollment in SCCM MP so looking for some guideline.

Should i proceed the setup of part in SCCM or do i need to do some changes in Certificate part to complete the ISV.



Valued Contributor

Boo, double-post.

Valued Contributor

You'll need to set up a specific certificate template as Jamf describes in their documentation. Even then, it is likely that you'll have issues if you're using HTTPS.

In the SCCM current branch, there is a bug in the way the MP interprets the OID for the certificate, even if it's created properly; this prevents SCCM from verifying the signature on the data being submitted. Microsoft has it logged as a bug and mentioned that it should be fixed in the current branch 1702 update, but until then you'll probably have to either stick with HTTP or find another workaround.

@drhoten (who spent a ton of time troubleshooting with Microsoft, our InfoSec guys, and me) asked for a defect number a few times, but unless Microsoft answered him separately, one hasn't been provided. If you're going to pursue things with Microsoft and want my case number, let me know and I'll send it privately.