Posted on 06-02-2013 04:35 PM
Dear forum users,
We have always used JSS self signing certificates in the past. Now we are switching to our PKI infrastructure. I have made the following changes.
1. On JSS, in the "Settings -> Global Management Framework Settings -> Public Key Infrastructure", change from "Use Built-in Certificate Authority" to "Use External Certificate Authority", filled in our SCEP server URL, selected "Dynamic-Microsoft CA" with our SCEPadmin user credentials, uploaded the signing certificate as it required.
2. On JSS, in the "Management -> Mobile Device Profiles", I have created a configuration profile which will come down when the iPad gets enrolled. It has the same SCEP settings as the "Settings -> Global Management Framework Settings -> PKI".
3. I have enabled SSL on Tomcat following the JAMF documentation.
My question is: In the SCEP setting section, what do I use for the Subject Name? When the iPad gets enrolled, I want them to receive the certificates from SCEP, which uses the iPad name, and the certificate should look like iPadName.mycompany.com.
There is a previous thread talking about OS X client with SCEP settings.
https://jamfnation.jamfsoftware.com/discussion.html?id=3704
I tried a variable $COMPUTERNAME after reading that, but it didn't work out for iPads.
Any suggestions?
Thanks Heaps!
Leo
Posted on 06-03-2013 06:23 AM
A JAMFer should chime in here, but I don't believe what you're trying to do actually works ("proxy" retrieve the SCEP cert via the JSS to the client). Other MDM suites do this (we have MobileIron set up this way) but I was told you don't get that with Casper MDM.
Posted on 06-03-2013 04:06 PM
Thanks JP,
Hummm, then what are those SCEP settings available in JSS? There must be some sort of SCEP we can set up. If JSS cannot request a cert on behalf of clients (PROXY), can I just set it up in such a way that clients will get the SCEP setting from JSS, and then the clients will request directly from the SCEP server?
Thanks.
Posted on 06-04-2013 11:42 AM
I can't find a distinct benefit...
Posted on 12-02-2013 10:44 AM
This should be a feature request. Personally, it would be great to be able to include at least the username variable of the person enrolling the device, so the subject name could at least be MDM$username.domain.corp. This way we can see what's what in our issued certificates rather than a load of identical common names :-/