BigFix MDM Server TLS Certificate Content

Understand the required format of the BigFix MDM Server TLS certificate for MDM Server installation.

BigFix MDM server TLS Certificate Content

The MDM Server certificate must be available in a .crt or .pem format, and must take the form of a certificate chain containing the following:

The actual MDM TLS certificate provided by the trusted CA
Any intermediate certificates provided by the trusted CA
The trusted CA root certificate

If the trusted CA does not provide such a chain directly, concatenate the individual .crt or .pem files into a single certificate chain and provide it as the MDM Server’s TLS certificate during MDM Server installation.

The following command is an example for concatenating certificates on Linux:

cat <server TLS .crt> [intermediate .crt] <CA root .crt> > mdmserver.crt

This may require additional action on one or more files provided by a trusted CA to extract the various certificates and keys needed to build the required chain.