Intel vPro® Platform
Intel Manageability Forum (Intel® EMA, AMT, SCS & Manageability Commander)
Announcements
This community is designed for sharing of public information. Please do not share Intel or third-party confidential information here.
2616 Discussions

How the heck to submit OU = Intel(R) Client Setup Certificate from a Microsoft CA?

SWood7
Novice
1,429 Views

I've been trying to figure out how to configure a CSR from our Microsoft Enterprise CA to for AMT and SCCM 2007 SP1. Our SSL vendor, GoDaddy, requires that we submit the CSR with OU = Intel(R) Client Setup Certificate included in the CSR. Since we're going to be using our Microsoft CA we've been following the SCCM instructions on creating a CSR for an external SSL cert. Nowhere in the instructions does it mention where we could enter the OU = Intel(R) Client Setup Certificate string for CSR submission. I realize it's probably a no brainer for everyone else out there but I admit I'm a bit dense when it comes to SSL. Has anyone done this before?

0 Kudos
2 Replies
idata
Community Manager
159 Views

If you are using OpenSSL tools for MS here is a good post that talks to this:

http://communities.intel.com/message/1855# 1855

If you are using CertReq with an INF file set the OU in the subject line:

Example INF file:

\[NewRequest\]

Exportable = TRUE

KeyLength = 1024

KeySpec = 1

KeyUsage = 0xA0

MachineKeySet = TRUE

Subject="CN=domain.com;OU=Intel(R) Client Setup Certificate;O=Company name;L=City name; S=State;C=Country"

\[EnhancedKeyUsageExtension\]

OID = 1.3.6.1.5.5.7.3.1

OID = 2.16.840.1.113741.1.2.3

idata
Community Manager
159 Views
Reply