Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
2834 Discussions

Intel AMT / vPro SCCM SSL Cert


Hi guys.

I hope someone can enlighten me with this. I've new to this company of mine and is still quite unfamiliar with most of their IT SOPs here. Please mind that I'm also quite new to implementation of Intel AMT/ vpro Recently my manager asked me if I could help him find a solution to the question below:


We have a SCCM system and it used to be able to remotely provision Intel AMT / vPro clients. Our system is running with a internal name(mydomain.local), but as SSL certificates does not allow renewal of internal names anymore, we were unable to do purchase of new certificates.

Does anyone have a solution for this?

Thanks in advance!


0 Kudos
2 Replies

As a reminder, direct support from Intel engineers is available at

0 Kudos


You are right, actually nobody is able to issue public certificates for internal domain anymore, for security reasons.

In case that you have used Microsoft SCCM 2007/2012, you probably will face problems to provision machines with Intel vPro (with ME >=9.0 version) - read this blog. Based on my experience, I would suggest you shift the provision mechanism to Intel SCS, and integrate it with Microsoft SCCM using this add-on. As far you use a local domain and will not be able to issue 3rd party certificate, I would suggest adopt /community/itpeernetwork/vproexpert/blog/2011/03/07/intel-amt-7-introduces-host-based-configuration HBC as your primarily provision mechanism, and in cases that having Admin Control Mode is imperative, inject into ME the hash of your internal root CA to make it available to be provisioned using an internal provisioning certificate.

Also, if you have any problem, you also can use our support:

Best Regards!

-Bruno Domingues

0 Kudos