I have a ema server running and now the PKI cert expired. I got a new cert from DigiCert. Imported it and under the certicicates it is shown as "PKI Certificate". I noticed that DigiCert changed there cert chain.
The new certification chain is: DigiCert Global Root G2 --> DigiCert Global CA G2 --> newCert
The old certification chain was: DigiCert Global Root CA --> DigiCert SHA2 Secure Server CA --> oldCert
Under "Intel AMT autosetup" --> "Available Certificates" there are not certificates. The new one isn't selectable or visible. The expired is not visible as well.
The old cert was installed when EMA was in version 184.108.40.206. Now it's in version 220.127.116.11.
Does anyone has an idea how I can fix the issue an make use of the new certificate?
I understand the new Certificate was installed into the Settings tab of the EMA web console and you can see the 3 lines of the Certificate chain. When you try to select the new Cert, the AMT auto setup is not showing any of the Certificates. We should see at least the old certificate.
1- DigiCert Global Root G2
2- DigiCert Global CA G2
Are both Certificates at the personal store of the IIS?
Did you restart the EMA services or the server after adding the new Certificate?
If the problem continues, please send me the EMA server log.
Path: [System drive]\Program File(x86)\Intel\Platform Manager\EmaLogs
Intel Customer Support Technician