- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We need some help. We are receiving an SSL error when attempting to remote configure our Dell notebooks
We have a Go Daddy CA for provisioning our Dell notebooks. However, we are still unable to remote configure our vPro equipped systems.
Lan Setup:
Our Active Directory suffix is mycompany.corp (.corp is our AD Zone)
Our DHCP option 14 issues a suffix of pb.mycompany.com (.com is our Unix based zone)
Our Go Daddy CA is pb.mycompany.com
Our RCS server is pbvproap01.pb.mycompany.com
Error message from one of our notebooks:
Operation: Configuration
Date and Time: 8/22/2016 11:13:55 AM
Error Code: 3221246495
Severity: Failure
UUID: 4C4C4544-0030-3810-8047-C2C04F565931
Intel AMT FQDN: Notebook1.pb.mycompany.com
Intel AMT IPv4: 192.168.164.5
Server Name: pbvproap01.mycompany.corp
Description: An SSL error occurred. Verify the username and password, and the PSK or certificate settings, where applicable.
Failed while calling
WS-Management call
GetAmtVersion (CIM_SoftwareIdentity.Get). Intel(R) AMT connection error
0xc000521c: A TCP error occurred. Make sure that the destination settings are correct and that a network connection exists to the target.
Valid certificate for PKI configuration not found.
Link Copied
1 Reply
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please check your GoDaddy certificate:
- Is it installed in certificate store of user running RCS Service (if RCS is run as Network Service it will be Computer certificate store)
- Is it Intel AMT Provisionig certificate?It should contain an Intel AMT unique OID (2.16.840.1.113741.1.2.3) in EKU if possible. It must contain the "SSL Server" OID (an IANA pre-defined OID). (this is what GoDaddy inserts into EKU when you select "certificate for Intel vPro"
- If it was issued recenly it is SHA256 certificate for sure. SHA256 certificates are supported by Intel AMT FW 6.0x or newer only.
- Does its trust chain start with Go Daddy Class 2 CA with SHA1 Fingerprint: 27 96 ba e6 3f 18 01 e2 77 26 1b a0 d7 77 70 02 8f 20 ee e4?
Dariusz Wittek
Intel EMEA Biz Client Solution Architect
Reply
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page