LogoLogo
LogoLogo
  • Welcome
  • Details
  • Configuration
    • Getting Started
      • Generic Guide
      • Scenario-based Guides
        • Microsoft Cloud PKI
        • SCEPman PKI
    • Access Point Setup
      • RadSec
        • Aruba
        • FortiNet
        • Juniper Mist
        • Meraki
        • MikroTik
        • Ruckus
        • UniFi
      • RADIUS
        • ExtremeCloud IQ CoPilot
        • Meraki
        • Sophos UTM
        • UniFi
    • Server Certificate Renewal
  • Admin Portal
    • Home
    • Insights
      • Rule Engine
      • Logs
    • Users
    • Settings
      • Server Settings
      • Trusted Certificates
      • Proxy Settings
      • Permissions
      • User Settings
      • Rules
        • General Structure
        • WiFi
        • LAN
        • VPN
      • Log Exporter
        • Teams
        • Log Analytics
        • Generic Webhook
        • Examples
    • My Invited Users
  • Profile Deployment
    • Microsoft Intune
      • Server Trust
      • WiFi Profile
        • Windows
        • iOS/iPadOS & macOS
        • Android
      • Wired Profile
        • Windows
        • macOS
    • Jamf Pro
      • Server Trust
      • WiFi Profile
      • Wired Profile
    • Google Workspace
      • Server Trust
      • WiFi Profile
  • Other
    • Troubleshooting
    • FAQs
      • General
      • Log & Common Errors
      • MAC Authentication
      • Blast-RADIUS Vulnerability
      • OCSP Soft-fail Consequences
      • Security & Privacy
    • REST API
      • External Monitoring
    • Changelog
  • Licensing
    • Azure Marketplace
  • Support & Service Level
  • RADIUSaaS Website
Powered by GitBook
On this page
  • Part 1: Download the RADIUS Server Certificate
  • Part 2: Trust the Server Certificate

Was this helpful?

  1. Profile Deployment
  2. Jamf Pro

Server Trust

Last updated 4 months ago

Was this helpful?

This is only required if you are using a RADIUS server certificate that was issued by a CA that your clients do not already trust. For example, this is not needed if you are bringing your own server certificate issued by SCEPman.

Part 1: Download the RADIUS Server Certificate

When the Server certificate, use only the green-marked certificate. This will download the root CA certificate of the issuing CA.

Part 2: Trust the Server Certificate

  1. Log in to your Jamf Pro instance.

  2. Choose your correct deployment scope (Computers, Devices or Users). In this example, we have chosen a macOS device (Computers).

  3. Navigate to an existing Configuration Profile or create a new one and give the profile a meaningful name, e.g. "Corp-WiFi-802.1X".

  4. Add a Certificate payload

  5. Provide a meaningful Certificate Name, e.g. "RADIUSaaS Server Root CA"

  6. Under Select Certificate Option select Upload

  7. Upload the *.cer file containing the certificate you have downloaded in Part 1. A password is not required, since it is only the public key part that is contained in the file and that needs to be uploaded.

  8. Select Allow all apps access

  9. Unselect Allow export from keychain

  10. Click Save

  11. Under Scope assign the profile to the relevant audience

Showing download of root CA
downloading