Migrating an MDM on-premises Enrollment Gateway to an Entrust-hosted Enrollment Gateway

See below for migrating MDM enrollment from a customer-hosted Enrollment Gateway to an Entrust-hosted Enrollment Gateway.

To migrate MDM enrollment to an Entrust-hosted Enrollment Gateway

1. Deploy an Entrust-hosted Enrollment Gateway as explained in Automating MDM enrollment with an Entrust-hosted Enrollment Gateway.

2. When Configuring MDM automation in Jamf, go to Options / SCEP and update only the following parameters of your existing Jamf configuration.

   • In URL, paste the SCEP URL value obtained when Getting Certificate Enrollment Gateway settings for MDM.

   • In Entrust Web Service URL, p aste the MDM-WS-URL value obtained when Getting Certificate Enrollment Gateway settings for MDM .

   • In Administrator Username, p aste the UserID value obtained when Getting Certificate Enrollment Gateway settings for MDM .

   • In Administrator Password, p aste the Password value obtained when Getting Certificate Enrollment Gateway settings for MDM .

   • In Digital ID Configuration Name, p aste the Name value obtained when Getting Certificate Enrollment Gateway settings for MDM .

3. Test and validate the new Entrust-hosted MDM service.

4. If the customer-hosted Enrollment Gateway was only used for MDM enrollment, remove it as explained in Deleting an on-premises Certificate Enrollment Gateway. Otherwise, if still used for other enrollment protocols (such as ACME, SCEP, or WSTEP):

   • Disable MDM enrollment in the customer-hosted Enrollment Gateway configuration.

   • DO NOT remove the customer-hosted Enrollment Gateway from the Entrust Certificate Services portal.