- DigiCert product docs
- Trust Lifecycle Manager
- Integration guides
- Jamf Pro integration guide
Jamf Pro integration guide
DigiCert® Trust Lifecycle Manager facilitates certificate issuance through your Jamf Pro mobile device management (MDM) environment, using the following integration methods. Select the links for detailed guides about how to configure each integration method.
Integration method | Description |
|---|---|
Enroll certificates for your Jamf Pro MDM environment using the SCEP (Simple Certificate Enrollment Protocol) service of Trust Lifecycle Manager. SCEP with dynamic enrollment codes is the most secure integration method because private keys are generated on end user devices and never stored in the Jamf Pro platform. This method also supports a broader range of certificate options, including the SAN extension and fixed-value fields in the Subject DN. | |
To facilitate configuration, the main SCEP integration method (listed above) automatically creates seat records in Trust Lifecycle Manager for enrolled certificates. If you prefer to create seat records manually before enrolling certificates via SCEP, select the integration method on the left instead. | |
Enroll certificates for your Jamf Pro MDM environment using the REST API service of Trust Lifecycle Manager. This method currently requires less configuration than SCEP, but does not support the SAN extension or fixed-value fields in the Subject DN of certificates. |
Let op
If you are uncertain which method to use, DigiCert recommends choosing the first SCEP integration method, as it offers the highest level of security and the most certificate options, while also simplifying configuration through automatic seat creation.
For details about how to transition from the API integration method to SCEP, see Transition from API to SCEP integration.
For more information about the integration, refer to the following Jamf technical paper: Integrating with DigiCert Using Jamf Pro.