Jamf PKI Proxy Overview

The Jamf PKI Proxy is a command-line application that manages communication between Jamf Pro and Venafi Trust Protection Platform (TPP). Venafi TPP typically runs on a server in a more protected segment of the organization's internal network. The Jamf PKI Proxy acts as a proxy between Jamf Pro and Venafi TPP. This ensures secure communication to Venafi TPP for issuing and revoking certificates without enabling direct access to Venafi TPP from the Internet. The Jamf PKI Proxy utilizes Mutual Transport Layer Security (mTLS) between Jamf Pro and the Jamf PKI Proxy.

General Requirements

Server Requirements

The following are the recommended server OS requirements for the Jamf PKI Proxy:

  • Windows Server 2019

  • Ubuntu Server 20.04 LTS or Ubuntu Server 18.04 LTS

  • Red Hat Enterprise Linux 7.x

The Jamf PKI Proxy does not need to run on the same server operating system platform as Jamf Pro.

The following are the hardware requirements for the Jamf PKI Proxy:

  • 64-bit CPU

  • 1 GB RAM

Network Communication Requirements

For communication between the Jamf PKI Proxy and Jamf Pro, configure the firewall to allow incoming traffic on port 9443 to the server on which the Jamf PKI Proxy is installed.


9443 is the default port. You can configure a different port if needed.