Push Proxy Certificate Expired

Check your network/web settings on your JSS host machine. I had this problem a few months back and it was down to my main JSS box being unable to reach the web (therefore it couldn't contact jamf nation to renew the cert).

Check your network/web settings on your JSS host machine. I had this problem a few months back and it was down to my main JSS box being unable to reach the web (therefore it couldn't contact jamf nation to renew the cert).

That WAS the issue and why it had stopped auto-renewing due to a change in our firewall restricting servers from accessing the internet. But that has since been remedied for the Casper server and watching the live firewall logs I see Casper going out to the internet (the traffic is passing) when I hit renew but nothing happens after that.

.

@sedwards

If the Push Proxy Token had been expired for 2+ weeks prior to getting the issue fixed, you're running into a known issue filed under PI-001363. When that happens we see the renewal fail, but it doesn't give any indication that it failed or why, it just seems to refresh the screen and nothing changes.

The workaround is to delete your existing Push Proxy Token and just create a new one.

If you'd like to have a case created to be attached to PI-001363, and haven't already contacted support to create one, please get in touch with support by either giving us a call, sending an e-mail to support@jamf.com, or by using the My Support section of Jamf Nation.

Thanks!
Amanda Wulff
Jamf Support

If the Push Proxy Token had been expired for 2+ weeks prior to getting the issue fixed, you're running into a known issue filed under PI-001363. When that happens we see the renewal fail, but it doesn't give any indication that it failed or why, it just seems to refresh the screen and nothing changes. The workaround is to delete your existing Push Proxy Token and just create a new one. If you'd like to have a case created to be attached to PI-001363, and haven't already contacted support to create one, please get in touch with support by either giving us a call, sending an e-mail to support@jamf.com, or by using the My Support section of Jamf Nation. Thanks! Amanda Wulff Jamf Support

Thanks @amanda.wulff deleting and recreating resolved my issue.

I was experiencing this issue, where I would hit renew and it would just refresh the screen but not actually renew it. It just expired yesterday. I deleted it and am trying to create it again, but when I enter my JAMF credentials, it says 'An unknown error occurred (500)". Any ideas?

I experienced the "An unknown error occurred (500)" a few weeks back.. so I waited a few hours and then renewed again with success..

I'm not getting a straight-up refresh. When I hit renew, it updates the expiration date to one day in the future (i.e. tomorrow).

It should renew itself daily.

It doesn't seem to be. I get the Jamf Pro notification that the cert expired. Manually renewing it works though.

Im simply saying it should. I dont have to manually renew my cert as it does it automatically everyday

I am suddenly having this issue daily, having to renew every day. We have made no changes to anything that I am aware of. Started happening last week.

JAMF version 10.3.1-t1522933524
Windows 2012 R2

Seem to be having the same issue as mhegge. The proxy cert indicated it was expired, selected renew and it only renewed for 24 hours. Will see if it starts to auto-rewnew.

Jamf version 10.4.1-t1525267633
Hosted by Jamf

I had this happen in the past and it was because Java had auto updated on one of my JSS’s (Windows). The newly installed java version no longer matched what was specified in the tomcat service and system environment variables.

Hello All

Id like to chime in on this issue too.
Same thing....our cert expired today, I renewed it, but only until tomorrow.
If this is supposed to Auto renew then it stopped working. We are using Jamf Cloud to host.

Any thoughts Jamf?

I am having this issue too. When I click renew, it just goes one day in the future. I would have thought it would go a year in the future.

Its always been one day in the future for everyone wondering. It should however auto renew daily and shouldnt be a manual process.

@artrathke it only goes out the one day. should auto renew daily. mine is, but i noticed these errors in my log every morning for a few days:

2018-06-05 09:26:53,081 [ERROR] [duledPool-9] [PushProxySettingsHelper ] - Unable to parse authorization token response from Jamf Nation.
2018-06-05 09:26:53,081 [WARN ] [duledPool-9] [PushProxySettingsHelper ] - Unable to fetch push token from Jamf Nation
2018-06-05 09:26:53,081 [ERROR] [duledPool-9] [PushProxyTokenRefresh ] - Error updating push proxy token from JAMF Nation (returned 500)

i had a case open with jamf at the time so i mentioned this and got the following response from support:

I ran down the associated known issue regarding this, looks like it is just a weird issue with connections out to jpp.jamfcloud.com, our Jamf Push Proxy server. This shouldn't cause a problem, as the proxy is still renewing. Eventually this will get fixed so that the logs don't show it happening all the time! That should clear this issue up, I'll go ahead and close this case but if the push proxy does begin to not renew consistently, please let us know. As that is a different, but related, issue which is indeed a problem we are seeing with a small minority of customers.

so if you don't have a case open with jamf, please reach out to support to work with them on this!

I'm just going to say "ditt" and watch what happens as well.

Has anyone ever figured out how to fix this?

This just started affecting us as well. I can manually renew, but automatic renewal is failing.

Please head to this discussion thread for a consolidated update & resolution to this issue: https://www.jamf.com/jamf-nation/discussions/32762/assessing-resolving-notification-in-jamf-pro-for-push-proxy-server-token-has-expired

This happened to me this morning. Push Proxy Cert did not auto-renew. Was unable to manually renew it, so deleted it. But now when I create it I'm getting the "An unknown error occurred (500)" message entering my Jamf Nation credentials. I will wait a few hours as mentioned here earlier to see if that helps.

I have the same issue under 10.14.1 - proxy certificate not re-newing

I'm trying the Push Proxy for the first time to utilize Self Service notifications. I haven't sent any yet, but I noticed that it's only good for a week. Is it supposed to renew automatically every week? Or do we have to log into the console and renew it manually? Is there a way to renew via the API?