Hi,

I am trying to setup Intel AMT in our corporate environment and right now testing. Tried to remotely configure IntelAMT in one of the machine and is getting error "The SSL handshake failed because the certificate received is signed by an unknown CA". The exact error line in RCSLog.log file is;

2019-06-05 01:32:52: Thread:4844(ERROR) : ADNIMLT1028, Category: AMT Interface error Source: c:\workst\ef650392dcc46f7c\products\scs\modules\vproconfiguration\vproconfigurationinternal.cpp : vProConfigurationNamespace::vProConfigurationInternal::TestConnection Line: 1266: Failed while calling WS-Management call GetAmtVersion (CIM_SoftwareIdentity.Get). Intel(R) AMT connection error 0xc0005228: The SSL handshake failed because the certificate received is signed by an unknown CA. : The system cannot find the file specified., error in discover 0xc0005228

Here are the brief of setup;

• Installed RCS in a Win2012R2 server and is running using a domain service account.
• Using internal Enterprise CA running on Win2012R2. Created 2 certificate templates, one for remote configuration and one for TLS in AMT profiles.
• Created a profile with everything following as per Intel SCS User Guide. (AD, ACL, TLS, etc. configurations)
• Intel SCS addon for SCCM is installed. RCS is configured with permission for 'Domain Computers'
• Addon correctly identified the test PC to require maintenance on AMT and while doing maintenance, above error pops up.
• There exist no firewall between clients and RCS server

Did I miss anything here? I did go through user guide again and again, but not able to see anything specific I missed.

For the sake of testing, I ran the command locally with an Admin user account (with all permissions given for the user in RCS server). Below is the command used.

Attaching the generated RemoveConfigure.log file as well as RCSLog.log file.

Thanks.