Posted on 10-13-2021 11:48 AM
I have a couple of certificates provided to me by Netskope, one root certificate and one intermediate. I created a configuration profile and uploaded both certificates via the certificate payload. The root certificate installs to Keychain with the setting to "always trust," but the intermediate one installs with the setting "use system defaults". This can be easily changed in the Keychain by each user, but we want to avoid asking users to do this themselves.
I changed the setting of the intermediate certificate installed in my machine to "always trust" and exported it, then I tried uploading it to Jamf; but it doesn't upload, it returns the error: Unable to complete file upload. The file contents does not match file type. For testing purposes, I also exported the root certificate and was able to upload it to Jamf. Both are .cer type files.
I don't know much about certificates, so I'm hoping one of you sees something obvious here. The only difference that I can see is that one is a root certificate and the other one is intermediate.
Appreciate any suggestions. Thank you.
Posted on 10-13-2021 01:33 PM
@JDaher You don't need them both set to Always Trust, just the Root CA. If the Root CA for your Intermediate certificate is set to Always Trust, then the system defaults setting for the Intermediate will result in it being trusted because the Root CA is.
Posted on 10-13-2021 02:31 PM
Is that right? OK, I'll try that and have the company security team confirm that the agent is working and reporting properly. Thank you.