Jamf Pro requires a valid SSL certificate to ensure that computers and mobile devices communicate with the Jamf Pro server and not an imposter server.
For Jamf Cloud-hosted Jamf Pro instances, the SSL certificate is managed by Jamf.
If you have an on-premise environment, the Apache Tomcat settings in Jamf Pro allow you to create an SSL certificate from Jamf Pro's built-in certificate authority (CA). You can also upload the certificate keystore for an SSL certificate that was obtained from an internal CA or a trusted third-party vendor. An SSL certificate is automatically generated by the built-in CA when the Jamf Pro server is initialized. Jamf recommends replacing the SSL certificate generated by the built-in CA with one from a trusted third-party vendor or internal CA. For more information on creating an SSL certificate, see the Enabling SSL on Tomcat with a Public Certificate article.
If your environment is clustered, you must log in to the Jamf Pro web app for each Apache Tomcat node and create or upload any SSL certificates for each node.