Trusting the SSL Identity using Jamf and deploying the certificate

While installing the Forcepoint F1E agent using Jamf, you must set up the client machine to trust the SSL identity so that the agent can securely communicate with the Outlook Email client.

Before you begin

You must do the following:
  • Complete the steps to create the SSL identity and you have the server.pem file.
  • Convert server.pem file to .der format.

To trust the SSL identity and deploy the certificate with Jamf, do the following:

Steps

  1. Create the agent configuration file in Jamf Pro to hold the endpoints SSL Identity.
    1. On the Computers tab, select Configuration Profiles.
    2. Create the new profile and give it a name (or alternatively use an existing profile).
    3. Select certificate, give the certificate a name, and then select Upload.
    4. Upload the server.der file as the certificate.
    5. Save the certificate.
    6. Save the configuration profile.
  2. Set the profile scope to be delivered to all macOS endpoint machines.
    1. On the Computers tab, select Configuration Profiles, then select the SSL Identity configuration profile created in step 1.
    2. On the Scope tab, select All Computers and All Users. Alternatively, specify certain individuals or groups to receive this profile
    3. Click Save.
    Note: Include the PEM files with the Forcepoint DLP macOS F1E package (whether within the installer ZIP archive or pushed out in addition to it so that they are extracted to the same location), and re-install the endpoint for the communication to be successful.