Lenovo ThinkCentre M92z White Paper for ThinkCentre M92, M92p, M92z - Page 25

TLS PKI, Remote, Configuration, In Process, Remote Configuration - 20 all in one desktop

Get Lenovo ThinkCentre M92z PDF manuals and user guides View all Lenovo ThinkCentre M92z manuals
Add to My Manuals
Save this manual to your list of manuals

Page 25 highlights

Set PID and PPS Option Delete PID and PPS Description Used to enter the Provisioning ID (PID) and Provisioning Pre-shared Key (PPS). The PID and PPS should be entered in the dash format (for example, 1234-ABCD for PID and 1234-ABCD-1234-ABCD-1234- ABCD-1234-ABCD for PPS). Notes: 1. A PPS value of 0000-0000-0000-0000-0000-0000-0000-0000 will not change the setup configuration state. If this value is used, the setup and configuration state will stay as Not-started. 2. Setting the PID/PPS will cause a partial unprovision if the setup and configuration is In-process. Used to delete the current PID and PPS stored on the Intel ME. Note: Deleting the PID and PPS will cause a partial unprovision if the setup and configuration is In-process. TLS PKI Select TLS PKI and press Enter. The INTEL(R) REMOTE CONFIGURATION window opens. The Remote Configuration option is used to enable or disable the remote configuration. Enabling or disabling remote configuration will cause a partial unprovision if the setup and configuration server is In Process. When the Remote Configuration option is enabled, the following options will be displayed. PKI DNS Suffix Option Manage Hashes Description Used to enter the PKI DNS Suffix for your Intel AMT computer. Key value will be maintained in the EPS. Note: EPS stands for VA Private Store, which is Intel's VA Specific Store in an ME-owned flash area separate from 3PDS. The size is one (1) physical page (4K bytes). Used to list all the hashes on the system, including the hash names and the hash states. The following keys are used to manage the hashes: • Esc: Used to exit from the hash management window. • Insert: Used to add a customized certificate hash to the system. To add a new certificate hash, do the following: 1. Press Insert and type the new hash name. Note: The hash name must be no longer than 32 characters. 2. Enter the certificate hash data for Intel AMT when prompted. The Certificate hash data is a 20-byte hexadecimal number for SHA-1 and a 32-byte for SHA-2. Enter the hash data in the correct format and then press Enter. Note: You can choose which hash algorithm will be used. a. SHA1 b. SHA2-256 c. SHA2-384 Chapter 4. Intel AMT setup and configuration on Lenovo ThinkCentre M92/p and M92z desktop computers 17

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
Option
Description
Set PID and PPS
Used to enter the Provisioning ID (PID) and Provisioning
Pre-shared Key (PPS). The PID and PPS should be entered
in the dash format (for example, 1234-ABCD for PID and
1234-ABCD-1234-ABCD-1234- ABCD-1234-ABCD for
PPS).
Notes:
1. A
PPS
value
of
0000-0000-0000-0000-0000-0000-0000-0000 will
not change the setup configuration state. If this
value is used, the setup and configuration state will
stay as
Not-started
.
2. Setting the PID/PPS will cause a partial unprovision if
the setup and configuration is
In-process
.
Delete PID and PPS
Used to delete the current PID and PPS stored on the
Intel ME.
Note:
Deleting the PID and PPS will cause a partial
unprovision if the setup and configuration is
In-process
.
TLS PKI
Select
TLS PKI
and press Enter. The INTEL(R) REMOTE CONFIGURATION window opens. The
Remote
Configuration
option is used to enable or disable the remote configuration. Enabling or disabling remote
configuration will cause a partial unprovision if the setup and configuration server is
In Process
. When the
Remote Configuration
option is enabled, the following options will be displayed.
Option
Description
PKI DNS Suffix
Used to enter the PKI DNS Suffix for your Intel AMT
computer. Key value will be maintained in the EPS.
Note:
EPS stands for VA Private Store, which is Intel’s VA
Specific Store in an ME-owned flash area separate from
3PDS. The size is one (1) physical page (4K bytes).
Manage Hashes
Used to list all the hashes on the system, including the
hash names and the hash states. The following keys are
used to manage the hashes:
Esc: Used to exit from the hash management window.
Insert: Used to add a customized certificate hash to
the system. To add a new certificate hash, do the
following:
1. Press Insert and type the new hash name.
Note:
The hash name must be no longer than 32
characters.
2. Enter the certificate hash data for Intel AMT when
prompted. The Certificate hash data is a 20-byte
hexadecimal number for SHA-1 and a 32-byte for
SHA-2. Enter the hash data in the correct format
and then press Enter.
Note:
You can choose which hash algorithm will be used.
a.
SHA1
b. SHA2-256
c.
SHA2-384
Chapter 4
.
Intel AMT setup and configuration on Lenovo ThinkCentre M92/p and M92z desktop computers
17