SCEP and JSS

ericpaine
New Contributor

I'm looking to configure Microsoft SCEP with our JSS environment. We are going to make our SCEP server externally available and would like to know if you have anyone has suggestions for securing the connection.

To date, we've researched the following options:
1. IP tunnel from our SCEP server to JAMF
2. Proxy through our Web Application Proxy ADFS Proxy servers)
3. Proxy through Azure AD Application Proxy

Does anyone have experience with this or a recommendation on the best method?

2 REPLIES 2

MacKobus
New Contributor II

@ericpaine Were you ever able to figure this out? We're interested in doing something similar using Azure AD App Proxying, it appears to be possible but I've ran into some issues and haven't been able to get it working. I'm unsure if it's the signing certificate were using that's causing issue or something else. Any advice you have would be much appreciated!

bcbackes
Contributor III

Older thread but we are looking into this as well. However our SCEP server will remain internal. Looks like you can set up Jamf Cloud to talk to Azure App Proxy which then talks to SCEP server per this link. Let me know if anyone has set this up and if there's any gotchas. 

 

Thanks in advance!