No configuration is necessary to use Jamf Pro's built-in CA. The built-in CA is used by default to issue certificates to computers and mobile devices. The CA certificate and signing certificate are created and stored for you automatically. When a device checks in with Jamf Pro, it communicates with the SCEP server to obtain the CA certificate.
Note:
If you do not want computers or mobile devices to communicate directly with a SCEP server and you are using the built-in CA, you can enable Jamf Pro as SCEP Proxy to issue device certificates via configuration profiles. For more information, see the Enabling Jamf Pro as SCEP Proxy technical paper.