Components Installed
Applications
When you install the Jamf AD CS Connector, Microsoft Internet Information Services (IIS) for Windows Server is automatically installed. Microsoft IIS is the web application server that runs the Jamf AD CS Connector. A directory named AD CS Proxy is installed in the following location:
C:\inetpub\wwwroot\adcsproxy
For more information about IIS, see the following webpage:- IIS Client Certificate Mapping Authentication
- IIS is automatically configured to enable communication between Jamf Pro and the Jamf AD CS Connector to take place using IIS Client Certificate Mapping Authentication. For more information about IIS Client Certificate Mapping Authentication, see the Microsoft Configuration Reference Documentation.
- ASP.NET
- ASP.NET provides the application framework for the Jamf AD CS Connector and is integrated with the instance of the IIS web application.
Jamf AD CS Connector Certificates
- Server certificate (.pem or .cer)
-
The server certificate ensures trust between Jamf Pro and the Jamf AD CS Connector. It is a self-signed SSL certificate, generated when the Jamf AD CS Connector is installed
The server certificate is exported to the current working directory with the following filename:
adcs-proxy-ca.cerNote:The server certificate is required when configuring Jamf Pro to communicate with the Jamf AD CS Connector.
- Client certificate (.pfx or .p12)
-
The client certificate allows Jamf Pro to authenticate with the Jamf AD CS Connector. The client certificate, generated when the Jamf AD CS Connector is installed, is signed by the server certificate. It is exported in PFX format using a randomly generated password that is output to the shell during the Jamf AD CS Connector installation.
Note:The client certificate and the randomly generated password are required when configuring Jamf Pro to communicate with the Jamf AD CS Connector.
Both certificates are required when configuring Jamf Pro to communicate with the AD CS Proxy Service.