Jamf requirements
You must meet the following requirements to automate MDM Jamf enrollment with a PKIaaS gateway.
- PKIaaS account requirements
- Certificate authority requirements
- Operating system requirements
- TLS Cipher requirements
PKIaaS account requirements
You need an Entrust PKIaaS account with privileges to create an issuing certificate authority.
Certificate authority requirements
Make sure you have a subordinate CA with a profile of the mdmws group. You can either:
- Create a new CA with this group, as explained in Creating an issuing subordinate CA.
- Add this group to an existing CA, as explained in Selecting CA profiles.
Operating system requirements
Enrollment integration for this release is tested and validated on the following operating system versions.
| OS | Version |
|---|---|
| iPad | 16.6 |
| iPhone | 16.6 |
| macOS | Ventura 13.5.1 |
| Windows | Not supported |
| Android | Not supported |
| ChromeOS | Not supported |
Other devices and operating systems listed in the MDM vendor support documents should work, but have not been tested.
TLS Cipher requirements
Enrollment URLs support the following TLS Ciphers.
ECDHE-RSA-AES128-GCM-SHA256ECDHE-RSA-AES256-GCM-SHA384