This article explains how to create a GSX account and obtain an Apple certificate. You can integrate Jamf Pro 10.15.0 or later with Apple’s Global Service Exchange (GSX).
Note: As of October 1, 2019, Jamf Pro 10.15.0 or later is required to integrate with GSX. If you are using an earlier version of Jamf Pro with a GSX integration, you must upgrade to Jamf Pro 10.15.0 or later to continue integrating with GSX.
General Requirements
Before you can integrate Jamf Pro with GSX, you must have the following:
A GSX Account with the “Manager” or “Administrator” role, access to Web Services, and access to coverage/warranty information

An Apple certificate

(On-premise customers) Your IP address must be safelisted by Apple. To verify that your IP address is safelisted, contact Apple.

Creating a GSX Account
Go to http://www.apple.com/support/programs/ssa/ to apply for a GSX account.
Note: To apply for a GSX account, you must have a service contract with Apple. Contact your Apple Account Executive to learn more about GSX.
Log in to your GSX account at https://myaccess.apple.com/
Note: This rest of this process is managed by Apple and is subject to change. Contact Apple if you need assistance creating your GSX account.
Obtaining an Apple Certificate
Obtaining an Apple certificate involves the following steps:

Generating a certificate signing request (CSR)

Sending the CSR and your GSX account information to Apple. Apple sends back Apple certificates (.pem)

Converting the Apple certificates to .p12 format

Uploading the certificate to Jamf Pro

Note: Steps 1-2 are managed by Apple and are subject to change. Contact Apple for details about the process. If you have questions, contact Jamf Support.
Generating a CSR
To generate a CSR, sign in to Apple’s MyAccess website and follow the instructions provided by Apple: https://myaccess.apple.com/

Important: The CSR generated in this process is the only valid CSR accepted by Apple for GSX connections.
Sending the CSR and GSX Account Information to Apple
Send an email to the Apple GSX email address provided on Apple’s MyAccess website: https://myaccess.apple.com/

You will need to attach your CSR to the email. The required GSX account information and certificate will be provided by Apple.

Note: This process can take up to a week and is subject to change. Contact Apple for the most current information.
Converting the Apple Certificate (.pem) to .p12 Format
Create a .p12 file using the private key and Apple certificates by executing the following command:

openssl pkcs12 -export -inkey privatekey.pem -in cert.pem -out GSX_Cert.p12
Note: The GSX_Cert.p12 file contains your signed GSX certificate. If you do not specify a path before the file name when running the above command, the file will be in your working directory.
The certificate is saved as a .p12 file in the location you specified.

Note: The private key password is the password that you set when creating the CSR. You must also set an export password, which will be used as the keystore password when uploading to Jamf Pro.
Configuring the GSX Connection in Jamf Pro
Configure the GSX connection in Jamf Pro by providing your Apple API Token and uploading your GSX certificate. For instructions, see “Configuring the GSX Connection Settings” on the GSX Connection page in the Jamf Pro Administrator’s Guide.

 

source:  docs.jamf.com / technical-articles/Integrating_with_Apples_Global_Service_Exchange_GSX.html