Let’s Encrypt with the JAMF Software Server (JSS)

It’s been a while since I posted anything on my blog… With two kids and a steady stream of new projects at work its been a bit crazy! However, today I posted my first GitHub repository! I had been using Gists by GitHub and will be slowly moving them over to repositories. Anyway back to what is important…

My JSS that I use for testing has been using Let’s Encrypt for the last three months and I finally had an auto renewal that I could finish testing. Let’s Encrypt allows for FREE SSL certificates for web servers to be programmatically requested via API or script. While SSL certs are getting cheaper, they are still not free… and I am cheap!

SSL certificates that are trusted by your client devices allow for reduction of man in the middle attacks as well as removing the need for you to build trust with your devices and web browser. Code can be found on Github!

3 thoughts on “Let’s Encrypt with the JAMF Software Server (JSS)”

  1. Hi Kyle – I would say that a good “safe place” for the script would be the tomcat home directory itself. It’s always going to be present somewhere no matter how the JSS was installed & the certificates will be backed up if the user is making regular backups of the tomcat directory which is a good practice. Maybe that should be the recommendation instead of leaving it up to the user? Great write up & work! Thanks. I’ll probably be pointing students here as Let’s Encrypt is a talking point in the CJA & CCE already.

    1. Hey Brock! I think the best place for it is actually in /etc/cron.daily/ that way the script is run automatically and you don’t need to monkey with crontab. That is what I did anyway.

  2. I like that idea too. If it’s a dedicated server or maybe even better a vm & snapshots are being made the whole configuration could be backed up & you wouldn’t have to do anything special. [insert thumbs up emoji here.]

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.