Community
cancel
Showing results for 
Search instead for 
Did you mean: 
AM21
Beginner
1,413 Views

Identity Protection Technology with Microsoft PKI

Hi,

we have a VPN server with SSTP connection, which authenticated by user credentials and Server certificate on 2012 R2.

Now i must implement SSTP connection with user credentials and user certificate.

 

I found that there are many solution to store user certificates not in their OS, but in the TPM or IPT. Fine.

maybe has someone the documentations how to configure all this?

 

how i can import the certificates into IPT?

 

how i can say to VPN client - hey, please use a certificate from IPT?

thank you very much!

0 Kudos
5 Replies
Dariusz_W_Intel
Employee
107 Views

Exonix,

there is Intel Use Case Reference Design for IPT used for VPN login. Unfortunately I have only little personal experience with this.\

check https://downloadcenter.intel.com/download/21324/Intel-vPro-Technology-Use-Case-Reference-Design-Inte... Download Intel vPro Technology Use Case Reference Design – Intel IPT with PKI

rgds

Dariusz Wittek

 

Intel EMEA Biz Client Solution Architect
AM21
Beginner
107 Views

 

Thank you Dariusz,

 

now i'm trying to install the Intel_IPT_PKI_x64_v4.0.5.25 on Windows 10 x64 on NUC6i3SYK, but i get an error, though all required components are installed. maybe i missed something?

Dariusz_W_Intel
Employee
107 Views

Yes,

you are missing propper HW platform.

Within Intel IPT overall technology envelope - the PKI (HW cert store provider) is supported by Intel Core vPro platforms (Core i5 vPro, Core i7 vPro) ONLY.

The propper Intel NUC for this is Intel® NUC5i5MYHE.

This is the only current Core vPro model of Intel NUCs.

Your system supports IPT One Time Password and Intel Protected Transaction Display.

rgds

darek

AM21
Beginner
107 Views

Hello Dariusz,

could you please tell whether OS X supports ITP ?

i have i MacBookAir with i7-4650U that supports vPRO. Can i use it to store users certificates?

Dariusz_W_Intel
Employee
107 Views

Unfortunately Apple decided to not build vPro platforms.

 

There is Intel ME FW component of vPro Platform. For vPro it has to be Enterprise FW (5/6 MB) while for consumer platforms it is basic ME FW 1,5/2 MB image that do not support IPT PKI neither vPro/AMT.

 

Intel IPT PKI SW does not support OS X as well.

Sorry.

darek

Reply