Adding digital identifiers to a Certificate Enrollment Gateway for MDM

After Adding an Entrust-hosted Certificate Enrollment Gateway for MDM, complete the gateway configuration with at least one digital identifier.

images/download/attachments/255082418/image-2024-5-31_11-14-23-version-1-modificationdate-1717132464042-api-v2.png

To add digital identifiers to an enrollment gateway

  1. Configure the following settings under Digital ID Information.

  2. Click Add digital Id to configure more digital identifiers.

  3. Click Submit.

  4. Click OK in the Add Enrollment Gateway Confirmation dialog and wait while the Entrust Certificate Services provision the new Certificate Enrollment Gateway.

  5. Click OK on the Enrollment Gateway Request Submitted dialog.

Profile ID

Select a profile of the CA previously selected when Adding an Entrust-hosted Certificate Enrollment Gateway for MDM.

RDN Format

The Relative Distinguished Name (RDN) format to build certificate Subject Names. This field supports custom variable names using the <variable> syntax – for example:

CN=<var1> <var2> <var3> SampleStaticText

Entrust PKIaaS will only process enrollment requests containing values for all variables defined in this field.

Jamf enrollment requests will always contain values for the following RDN variables, even if this field does not define them.

Variable

Value

igusername

The ​name of the device user.

iggroup

The group of enrolled devices.

devicetype

The type of enrolled device.

To make use of these RDN variables on Jamf, define an RDN format like the following.

CN=<igusername> <iggroup> <devicetype>

See Configuring MDM automation in Jamf for how to add custom variables outside of the above variables.

Parent DN

The parent Distinguished Name (DN) for building the RDN of a certificate. Specifically, the selected value is appended to the end of the Subject DN after the RDN Format variables have been processed.