Intel® Business Client Software Development
Support for Intel® vPro™ software development and technologies associated with Intel vPro platforms.

AMT - How to enable HTTPS

Rupert_H_
Beginner
3,404 Views

Hello,

I'm trying to enable HTTPS on my VPRO enabled server.
HTTP (on port 16992) runs without problems but I think it is not a good idea holding a port always open on my router (directly connected to internet) and sending password on an unsecured connection.

Basically this is my actual configuration (host side):

- a router/firewall directly connected to WAN/Internet with port-forwarding enabled on port 16992 (this port is always open)

- AMT enabled / TLS disabled on host computer (this computer is directly connected to the router)

- Linux with MEI driver and LMS correctly installed (also ACUConfig is installed on linux box)

- Virtualbox (with Windows 8) installed on my linux box

- OpenMDTK installed in Win8/virtualbox (correctly working and connecting)

- ACUWizard installed in Win8/virtualbox (working but unable to connect because peraphs it needs MEI and LMS for Windows)

Mi only need is to enable HTTPS port 16993 on AMT host in way to connect to the host through a secured connection. To do this, I read it is necessary to enable TLS but I'm very know-nothing about certificates and cryptography (public and private keys etc.) so I need some step-by-step help.

I think that if I will be able to connect via HTTPS I could disable portforwarding on port 16922 and enable it on port 16993 in way to better protect my system. Am I right?

0 Kudos
12 Replies
Gael_H_Intel
Moderator
3,404 Views

You will need to enable AMT on the system to support TLS - this will require provisioning with a Certificate for AMT (this is not the provisioning cert.)  You can use the Director (part of the DTK) or the SCS - Set up and Configuration Server.

DTK: http://opentools.homeip.net/open-manageability

SCS: http://software.intel.com/en-us/articles/download-the-latest-version-of-intel-amt-setup-and-configuration-service-scs/

0 Kudos
Rupert_H_
Beginner
3,404 Views

As you can read on my first post, I've already done everything you said except enabling TLS and installing certificates.

Infact I'm just writing to obtain help, step-by-step, explaining how to enable TLS, create and install the various certifacates that I need in the easiest way (using Open MDTK).

If there's any how-to or any guide or if someone could help me.

Excuse me for my poor English.

0 Kudos
Gael_H_Intel
Moderator
3,404 Views

You could try this blog if your AMT is already enabled and you just need to apply the certificate:http://software.intel.com/en-us/blogs/2012/01/18/how-to-create-amt-certificates-using-the-amt-sdk-and-open

Also on the Open MDK webpage, there are videos and tutorials so you might want to see if any of them can help. http://opentools.homeip.net/open-manageability

 

0 Kudos
Rupert_H_
Beginner
3,404 Views

Tutorials and videos on the Open MDK webpage are not related to this problem.

I tried the other link but on this page: http://software.intel.com/en-us/blogs/2012/01/20/how-to-configure-your-system-to-run-the-intelvpro-powershell-module images are missing (could you restore them please?).

0 Kudos
Gael_H_Intel
Moderator
3,404 Views

Sorry about that (the images missing.)  Hopefully they will be restored soon.  Meanwhile here is another link for the Open DTK that has more tutorials:  http://software.intel.com/en-us/articles/download-the-latest-version-of-manageability-developer-tool-kit/

 

0 Kudos
Gael_H_Intel
Moderator
3,404 Views

The images on the blog have been restored.  Again, sorry about the inconvenience.

 

0 Kudos
Rupert_H_
Beginner
3,404 Views

Thank you very much for your help and work ...and for latest helpful links about Open DTK

However I have to report that in this page: http://software.intel.com/en-us/blogs/2012/01/20/how-to-configure-your-system-to-run-the-intelvpro-powershell-module there are 3 images still missing

Thank you again.

0 Kudos
Gael_H_Intel
Moderator
3,404 Views

That is odd - could you look again?  It looks like they are all there?

0 Kudos
Rupert_H_
Beginner
3,404 Views

Really odd because I continue to see only 4 of 8 images and also in this page http://software.intel.com/en-us/blogs/2012/01/18/how-to-create-amt-certificates-using-the-amt-sdk-and-openssl image are missing.

0 Kudos
MPala11
New Contributor II
3,404 Views

Hi Rupert,

Can you try open the link in Google chrome. It's  shows all images in chrome.

When I tried in IE, images were missing , so try with google chrome browser

Thanks,

Mani

 

0 Kudos
Gael_H_Intel
Moderator
3,404 Views

Thanks for the advice, Mani - I don't use IE...

0 Kudos
Rupert_H_
Beginner
3,404 Views

plmanikandan wrote:

Hi Rupert,

Can you try open the link in Google chrome. It's  shows all images in chrome.

When I tried in IE, images were missing , so try with google chrome browser

Thanks,

Mani

 

Already done. Only some images are visible.
I think it could be a problem with DNS.

0 Kudos
Reply