Jamf Nation Community

andrew_nicholas · ‎05-14-2015

I'd like to add a public cert to our JSS so that when users enroll their machines they don't receive any SSL errors. The JSS has about 115 machines in it at this point, but we have not implemented any Configuration Profiles as of yet. I assume this has been done before but I wanted to be know before hand if this would break things horribly. Aside from the MDM portion, has anyone done this before and noticed any major issues? The server being used is 2012R2.

Thanks!

Kaltsas · ‎05-14-2015

I had no issues (other than my muddling through creating the CSR with the java keytool) when I moved from a self signed cert to a third party cert on our JSS. Once I had it in the right format it was easily uploaded into the JSS via the web interface and IIS (HTTP distribution point). The MDM Certificate is different so moving from a self signed certificate to third party cert shouldn't affect that at all.

View solution in original post

nessts · ‎05-14-2015

I just changed a linux server over to a 3rd party Certificate and you don't have to do anything with your clients. At least not that I have noticed. Profiles and the SSL certificate are two separate issues. Profiles work with an Apple Push Notification Certificate. The Web based HTTPS stuff is a whole other framework.

Kaltsas · ‎05-14-2015

I had no issues (other than my muddling through creating the CSR with the java keytool) when I moved from a self signed cert to a third party cert on our JSS. Once I had it in the right format it was easily uploaded into the JSS via the web interface and IIS (HTTP distribution point). The MDM Certificate is different so moving from a self signed certificate to third party cert shouldn't affect that at all.

andrew_nicholas · ‎05-20-2015

Excellent, thank you both for this!

Jamf Nation Community

Realistic issue to expect when moving from Self-signed cert to Public Cert