Cisco ACS Certificate Configuration for Intel AMT

Problem(s) summary: 802.1x authentication fails

Problem 1:

In secured networks such as 802.1x or Cisco NAC, when the Intel AMT-enabled PC connects to the network and tries to communicate with the RADIUS Server (Cisco ACS), it will attempt 802.1x authentication with ACS; however, if the server certificate doesn't have a server authentication object ID (OID), authentication fails.

Problem 2:

Cisco requires that subordinate Certificate Authorities (CAs) in the chain of trust be trusted as root CAs.