To integrate an external CA with Jamf Pro, you must provide the signing and CA certificates for the external CA. This is done by uploading a signing certificate keystore (.jks or .p12) that contains both certificates to Jamf Pro. For information about how to obtain and download a SCEP Proxy signing certificate from a Microsoft CA, see the following articles:
Note:
By default, Jamf Pro uses the signing and CA certificates for the Jamf Pro built-in CA. You must replace these certificates with the ones for the external CA when you initially set up the integration.
- In Jamf Pro, click Settings in the sidebar.
- In the Global section, click PKI certificates .
- Click the Management Certificate Template tab, and then click External CA.
- At the bottom of the External CA pane, click Change Signing and CA Certificates.
- Follow the onscreen instructions to upload the signing and CA certificates for the external CA.