Hi Fabian8,

Greetings!

We see that you are looking to create an Intel vPro Certificate with your own ca running on windows server and use these on the Intel EMA server clients.

Please find the details given below, regarding your query: 

How can i create Intel vPro Certificates with my own CA (Certificate Authority) which is running on a Windows Server and use these on the Intel EMA Server/Clients?

I have created a Template on the CA for this purpose so far, but the certificate request for this template is not showing up (a full instruction how to create the certificate would be helpful).

Please find the article given below for reference:

https://www.intel.com/content/www/us/en/support/articles/000097538/software.html

Does every Client need a Intel vPro Certificate and how does this work in connection with the Intel EMA Server?

Yes, the client needs an Intel vPro certificate (Recommended an AMT provisioning certificate) purchased from the Intel Authorized vendor (GoDaddy, DigiCert or Sectigo/Entrust) whose certificate hash has been added with in the AMT firmware of the Client machine.

How can i install the root hash certificates on the clients?

According to our research, We create the self-cert on the EMA server and We just need to upload the hash of the bundle cert created on the EMA server, however the self-cert only allows the provisioning, it does not work for remote provisioning, rather we would recommend you to purchase an AMT provisioning certificate from the Intel Authorized vendor (GoDaddy, DigiCert or Sectigo/Entrust) whose certificate hash has been added with in the AMT firmware of the Client machine.

How to Purchase and Install a DigiCert*, Sectigo*, or GoDaddy* Certificate for Intel® AMT Provisioning

https://www.intel.com/content/www/us/en/support/articles/000099677/software.html

https://www.intel.com/content/www/us/en/support/articles/000055009/technologies.html

Thanks & Regards

Arun

Intel Customer Support Technician

intel.com/vPro