Using IIS to Enable HTTPS Downloads on a Windows Server 2016 or 2019 File Share Distribution Point
Updated: 01 July 2021
Product: Jamf Pro
This article explains how to activate Internet Information Services (IIS) and use it to enable HTTPS downloads on a Windows Server 2016 or 2019 file share distribution point.
The following steps are described in detail below:
- Adding the Web Server (IIS) Role
- Adding a Virtual Directory Using the IIS Manager
- Adding the Certificate Snap-in in the Microsoft Management Console (MMC)
- Creating a Certificate Signing Request
- Generating an SSL Certificate Using the Jamf Pro Built-in Certificate Authority
- Importing the Jamf Pro CA Root Certificate
- Importing the New SSL Certificate
- Configuring Bindings Using the IIS Manager Console
- Verifying an Account is Available to Access the File Share Over HTTPS
- Enabling Basic Authentication for the jamf_share
- Adding MIME Types to the Virtual Directory
- Enabling HTTPS Downloads in Jamf Pro
General Requirements
-
Knowledge of the credentials (the read-only account) used to access the file share.
-
An existing SMB file share being used as a Jamf Pro distribution point.
Note: The example Jamf SMB file share used in this article is jamf_share, located in D:\jamf_share.
Step 1: Adding the Web Server (IIS) Role
Requirements
If the Web Server (IIS) role is not already activated, add the Web Server (IIS) role using Server Manager.
Step 2: Adding a Virtual Directory Using the IIS Manager
Add a virtual directory using the IIS Manager, and link the new file share to the existing file share. The existing file share is defined in Jamf Pro on the
page.Step 3: Adding the Certificate Snap-in in the Microsoft Management Console (MMC)
Step 4: Creating a Certificate Signing Request
Step 5: Generating an SSL Certificate Using the Jamf Pro Built-in Certificate Authority
Step 6: Importing the Jamf Pro CA Root Certificate
Step 7: Importing the New SSL Certificate
Step 8: Configuring Bindings Using the IIS Manager Console
Step 9: Verifying an Account is Available to Access the File Share Over HTTPS
Step 10: Enabling Basic Authentication for the jamf_share
Step 11: Adding MIME Types to the Virtual Directory
Add two MIME types to ensure the files (.dmg and .pkg) download properly.
Step 12: Enabling HTTPS Downloads in Jamf Pro
Additional Information
To confirm HTTP distribution is working properly:
- Ensure Directory Browsing is enabled in IIS.
- Go to https://jss.mycompany.corp/jamf_share/Packages/myPackage.dmg.
- When prompted, enter your credentials.
- Enter the credentials for the read-only user on the file share.
- The package should download.