Community
cancel
Showing results for 
Search instead for 
Did you mean: 
SSott
Beginner
1,497 Views

IPT enterprise PKI solution?

Hi there,

I have been asked to implement a PKI solution for a customer using the Identity Protection Technology of Intel VPro.

We have an own Java CA on a Linux server and need to generate certificates signed by our CA for authentication, as well as e-mail encryption keys which also must be stored in the CA as a backup.

The Intel IPT documentation only advises to use their own IPT CA on a Microsoft server, but this does not match our environment.

The IntelJCE documentation https://software.intel.com/en-us/articles/providing-hardware-based-security-by-leveraging-intel-iden... Providing Hardware-based Security to Java* Applications by leveraging Intel® Identity Protection Technology and Java Cry… also seems to be insufficient for this use case.

So is there any way to implement this solution and where can I get the complete interface description?

Regards

Sandra

0 Kudos
5 Replies
idata
Community Manager
60 Views

Hello sekandra,

 

 

Thanks for joining the community.

 

 

The issue you describe is certainly a complex one and we will need to do some further research.

 

 

In the meantime let me share with you the Intel Setup and Configuration Software User Guide which describes the Remote configuration for PKI in page 13: https://www.intel.com/content/dam/support/us/en/documents/software/Intel_SCS_User_Guide.pdf https://www.intel.com/content/dam/support/us/en/documents/software/Intel_SCS_User_Guide.pdf# page=13 for reference.

 

 

We will get back to you as soon as we have updates.

 

 

Jose A.
SSott
Beginner
60 Views

Hello Jose,

Thank you for your assistance. I hope you can help us find a solution.

I think the central question is if IPT supports the PKCS # 11 interface or something equivalent for the operations mentioned above.

Regards

Sandra

idata
Community Manager
60 Views

Hello sekandra,

 

 

We are researching with our engineering department. We will keep you posted as soon as we have updates.

 

 

Regards

 

 

Jose A.
SSott
Beginner
60 Views

Hello Jose,

could you already find out anything helpful?

Regards

Sandra

idata
Community Manager
60 Views

Hello sekandra,

 

 

I apologize for the long delay. We are still waiting for a word from our engineering department. We will keep you posted, hopefully I will be soon.

 

 

Regards.

 

 

Jose A.