We are working on SCCM 2012 implementation in client environment. As part of implementation, the Mac (Macintosh) machine needs to be managed by enrolling them to SCCM server using Mac client certificates. 

The Mac enrollment process requires PKI infrastructure which is already up and running with Root CA (offline) and Enterprise CA (Issuing CA) in place.

While enrolling the Mac machines, we are facing some issue and below are detail of the issue.


Issue/Error: Online Responder Service (OCSP) error related to PKI health of CA server.


It would be great if some can help us to resolve the above issue. 


Note: Please respond to team in CC only in case of suggestions.



Thank you,

0 Comments   [ - ] Hide Comments


Please log in to comment

Answer this question or Comment on this question for clarity



Have you trusted the certificate chain for the CA? I find that usually our macs have trouble understanding the CA, if there's any issues with the chain or the life of certificates are too long or self assigned. Also check the naming convention of the CA doesn't contain .local

Answered 10/30/2013 by: ms01ak
Tenth Degree Black Belt

Please log in to comment