Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
Announcements
The Intel sign-in experience has changed to support enhanced security controls. If you sign in, click here for more information.
2706 Discussions

Identity Protection Technology with Microsoft PKI

AM21
Beginner
‎08-04-2016 06:02 AM
1,694 Views

Hi,

we have a VPN server with SSTP connection, which authenticated by user credentials and Server certificate on 2012 R2.

Now i must implement SSTP connection with user credentials and user certificate.

 

I found that there are many solution to store user certificates not in their OS, but in the TPM or IPT. Fine.

maybe has someone the documentations how to configure all this?

 

how i can import the certificates into IPT?

 

how i can say to VPN client - hey, please use a certificate from IPT?

thank you very much!

0 Kudos

Link Copied

5 Replies
Dariusz_W_Intel
Employee
‎08-08-2016 02:11 AM
389 Views

Exonix,

there is Intel Use Case Reference Design for IPT used for VPN login. Unfortunately I have only little personal experience with this.\

check https://downloadcenter.intel.com/download/21324/Intel-vPro-Technology-Use-Case-Reference-Design-Intel-IPT-with-PKI Download Intel vPro Technology Use Case Reference Design – Intel IPT with PKI

rgds

Dariusz Wittek

 

Intel EMEA Biz Client Solution Architect
Copy link
AM21
Beginner
‎08-11-2016 06:46 AM
389 Views
In response to Dariusz_W_Intel

 

Thank you Dariusz,

 

now i'm trying to install the Intel_IPT_PKI_x64_v4.0.5.25 on Windows 10 x64 on NUC6i3SYK, but i get an error, though all required components are installed. maybe i missed something?

In response to Dariusz_W_Intel
0 Kudos
Copy link
Dariusz_W_Intel
Employee
‎08-12-2016 08:31 AM
389 Views

Yes,

you are missing propper HW platform.

Within Intel IPT overall technology envelope - the PKI (HW cert store provider) is supported by Intel Core vPro platforms (Core i5 vPro, Core i7 vPro) ONLY.

The propper Intel NUC for this is Intel® NUC5i5MYHE.

This is the only current Core vPro model of Intel NUCs.

Your system supports IPT One Time Password and Intel Protected Transaction Display.

rgds

darek

Copy link
AM21
Beginner
‎09-13-2016 03:53 AM
389 Views
In response to Dariusz_W_Intel

Hello Dariusz,

could you please tell whether OS X supports ITP ?

i have i MacBookAir with i7-4650U that supports vPRO. Can i use it to store users certificates?

In response to Dariusz_W_Intel
0 Kudos
Copy link
Dariusz_W_Intel
Employee
‎09-13-2016 04:06 AM
389 Views

Unfortunately Apple decided to not build vPro platforms.

 

There is Intel ME FW component of vPro Platform. For vPro it has to be Enterprise FW (5/6 MB) while for consumer platforms it is basic ME FW 1,5/2 MB image that do not support IPT PKI neither vPro/AMT.

 

Intel IPT PKI SW does not support OS X as well.

Sorry.

darek

Copy link
Reply

For more complete information about compiler optimizations, see our Optimization Notice.