The Jamf Software Server (JSS) requires a valid SSL certificate to ensure that computers and mobile devices communicate with the JSS and not an imposter server.
The Apache Tomcat settings in the JSS allow you to create an SSL certificate from the CA that is built into the JSS. You can also upload the certificate keystore for an SSL certificate that was obtained from an internal certificate authority (CA) or a trusted third-party vendor.
Note: If your environment is hosted in Jamf Cloud, the Apache Tomcat settings are managed by Jamf Cloud and are not accessible.
To create or upload an SSL certificate, the JSS must be installed as the “ROOT” web application, and the user running the Tomcat process must have read/write access to Tomcat’s server.xml file.
Creating or Uploading an SSL Certificate
Log in to the JSS with a web browser.
In the top-right corner of the page, click Settings .
Click System Settings.
Click Apache Tomcat Settings .
Select Change the SSL certificate used for HTTPS and click Next.
Follow the onscreen instructions to upload or create an SSL certificate.
Restart Tomcat for the changes to take effect.
For instructions on how to restart Tomcat, see the following Knowledge Base article:
Starting and Stopping Tomcat
For related information, see the following Knowledge Base article:
Using OpenSSL to Create a Certificate Keystore for Tomcat
Find out how to use OpenSSL to create a certificate keystore that you can upload to the JSS.