Configuring Venafi TPP

Before integrating Venafi TPP with Jamf Pro, ensure that you have:

  • Configured access to Venafi TPP and have acquired the required Venafi TPP credentials. These credentials must have the ability to manage certificates via the Venafi API.

  • A policy configured for issuing certificates.

Note: When using service-generated CSRs, the private key is generated and stored in Venafi TPP and then sent to the computer or mobile device. This provides the ability to decrypt data that was encrypted with the public key. In addition, when using service-generated CSRs, some of the configuration profile payload settings may not be applicable based on the Venafi policy setup.

The only requirement for a Policy in Venafi TPP is that a CA Template be configured on the Policy. The configuration profile payload will supply the Common Name and Friendly Name of the certificate. All other certificate metadata is optional.

After you have configured Venafi TPP, you are ready to install the Jamf PKI Proxy. For more information, see Installing the Jamf PKI Proxy and Configuring Venafi Settings in Jamf Pro.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2021 Jamf. All rights reserved.