Configuring Certificates for the Jamf SCCM Plug-in 3.40 or Later Using an Enterprise Certificate Authority
This article explains how to create and configure a certificate using an enterprise certificate authority for the Jamf SCCM plug-in 3.40 or later.
There are one or more certificates that must be configured before you install the Jamf SCCM Proxy 3.40 or later. The following table shows the required certificates and the servers on which they must exist:
Certificate | Jamf SCCM Proxy Service Server | SCCM Server |
---|---|---|
ISV Proxy Certificate | ✔ (Requires private key) | ✔ |
CA Certificate Chain | ✔ |
Creating an ISV proxy certificate using an enterprise CA involves the following steps:
-
Creating a certificate template
Creating an ISV proxy certificate from the template
Copying the ISV proxy certificate to the SCCM server
Registering the ISV proxy certificate with SCCM
General Requirements
Configuring certificates for the Jamf SCCM plug-in using an enterprise CA involves creating an ISV proxy certificate.
To do this, you need:
-
A PKI with a third-party CA (This cannot be the CA that is built into Jamf Pro.)
A PKI certificate with a SHA-2 signature algorithm
A Windows computer with the Certification Authority snap-in
Console access to the SCCM server
Administrative rights to the SCCM Console
Step 1: Creating a Certificate Template
To issue a SHA-256 certificate from your enterprise CA, your CA must be running Windows Server 2008 or higher, and using the default hash algorithm SHA-256 (SHA-256 must be the default hash algorithm of any certificate issued from your Root or Subordinate CA). Your CA must also be using the Cryptographic Next Generation (CNG) provider, not the Cryptographic Storage Provider (CSP).
Step 2: Creating an ISV Proxy Certificate from the Template
Step 3: Copying the ISV Proxy Certificate to the SCCM Server
Step 4: Registering the ISV Proxy Certificate with SCCM
Additional Information
For additional certificate configuration methods, see the Configuring the Certificates for the Jamf SCCM Plug-in 3.40 or Later article.
For more information on the SCCM plug-in, see the SCCM Plug-in User Guide, available at: https://www.jamf.com/resources/product-documentation/sccm-plug-in-user-guide/