Issues with Automated DEP/MDM Server Certificates

New Contributor

Hello - 

I am working on configuring the Automated DEP and enrollment process for our new computers. We have our Jamf instance connected with the Apple Business Manager MDM, and I can see the computer serial numbers in Jamf, assigned to the Pre-Stage Enrollment scope.


When turning on the computers, during activation it recognizes that it's a Managed Device, but then it gets the following error when downloading the enrollment profile: "Enrolling with Management Server Failed; The server certificate chain for your organization's MDM server was not properly set up."


I followed all the steps in Integrating with Automated Device Enrollment and even deleted the old MDM server and set up a whole new MDM connection with Apple's Business Manager in case I overlooked a step. Is there another section or configuration I am missing?


I was able to do a user-initiated enrollment and that worked fine. Not sure what certificate issue is causing the DEP to fail.


Valued Contributor

This sounds like more of an SSL cert chain issue, rather than an ABM/ADE configuration.

What does openssl say:

openssl s_client -showcerts -connect your.jss.url:8443

Legendary Contributor III

Agreed with @jtrant. When I've seen this, it usually came down to a certificate issue on the Jamf server, for example a certificate that was not properly trusted.
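
One way to read the output of the `openssl s_client -showcerts` command suggested above, as an added example that is not part of the original thread: it splits out the certificates the server sent and checks whether the leaf verifies against a trusted root using only those certificates. The function names and the demo PKI (`Demo root`, `Demo inter`, `Demo leaf`) are assumptions constructed for illustration.

```shell
# Added example. The PKI built by make_demo_pki is constructed test data.

# split_chain FILE DIR: write each PEM certificate in FILE (saved output of
# `openssl s_client -showcerts`) to DIR/cert-N.pem and print the count.
split_chain() {
  awk -v dir="$2" '
    /-----BEGIN CERTIFICATE-----/ { n++; out = dir "/cert-" n ".pem" }
    out != "" { print > out }
    /-----END CERTIFICATE-----/ { close(out); out = "" }
    END { print n + 0 }' "$1"
}

# check_chain FILE ROOT: verify the first certificate sent (the leaf) against
# the trusted root ROOT, using only the certificates the server itself sent.
check_chain() {
  tmp=$(mktemp -d) || return 2
  n=$(split_chain "$1" "$tmp"); result=broken
  if [ "$n" -eq 0 ]; then result=no-certificates
  elif cat "$tmp"/cert-*.pem > "$tmp/sent.pem" && openssl verify -CAfile "$2" \
         -untrusted "$tmp/sent.pem" "$tmp/cert-1.pem" >/dev/null 2>&1; then
    result=complete
  fi
  rm -rf "$tmp"; echo "$result"
}

# make_demo_pki DIR: constructed root -> intermediate -> leaf for the demo.
make_demo_pki() {
  printf '[req]\ndistinguished_name=dn\nprompt=no\n[dn]\nCN=placeholder\n' > "$1/req.cnf"
  printf 'basicConstraints=critical,CA:TRUE\n' > "$1/ca.ext"
  for name in root inter leaf; do
    openssl req -new -newkey rsa:2048 -nodes -config "$1/req.cnf" -subj "/CN=Demo $name" \
      -keyout "$1/$name.key" -out "$1/$name.csr" 2>/dev/null || return 1
  done
  openssl x509 -req -in "$1/root.csr" -signkey "$1/root.key" -extfile "$1/ca.ext" \
    -days 2 -out "$1/root.pem" 2>/dev/null &&
  openssl x509 -req -in "$1/inter.csr" -CA "$1/root.pem" -CAkey "$1/root.key" -set_serial 2 \
    -extfile "$1/ca.ext" -days 2 -out "$1/inter.pem" 2>/dev/null &&
  openssl x509 -req -in "$1/leaf.csr" -CA "$1/inter.pem" -CAkey "$1/inter.key" -set_serial 3 \
    -days 2 -out "$1/leaf.pem" 2>/dev/null
}

demo() {
  d=$(mktemp -d) && make_demo_pki "$d" || return 1
  { echo "Certificate chain"; cat "$d/leaf.pem" "$d/inter.pem"; } > "$d/full.txt"
  { echo "Certificate chain"; cat "$d/leaf.pem"; } > "$d/leaf-only.txt"
  echo "leaf + intermediate sent: $(check_chain "$d/full.txt" "$d/root.pem")"
  echo "leaf only sent: $(check_chain "$d/leaf-only.txt" "$d/root.pem")"
  rm -rf "$d"
}
demo
```

Against a live server, save the command's output to a file and pass it as FILE, with ROOT set to the PEM of the root CA the devices are expected to trust.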