Hey all. Can I confirm that Jamf Protect traffic (i.e from client to the Jamf Protect instance) needs to be excluded from SSL inspection? I don't see mention of this anywhere, but I can see errors when running the Jamf Environment Test tool in my customer's environment (see attached).
I ask, because all Macs within my client's network are stuck at enrolment stage, with the
protectctl binary reporting as follows:
superuser@XXXXXX user % sudo protectctl info Password: Uptime: 22m 47s Version: 220.127.116.114 Status: Enrolling Tenant: $client.protect Plan ID: 2 Plan Hash: 00000000000000000000000000000000 Last Check-in: 01.01.0001 12:00:00 AM GMT Last Insights: 01.01.0001 12:00:00 AM GMT
The documentation (https://docs.jamf.com/jamf-protect/documentation/Network_Communication_Used_by_Jamf_Protect.html) doesn't mention that SSL inspection being disabled is a requirement, but the above report from JET makes it seem like it is?