Currently Being Moderated

In summary - these are not compatible, as explained below.


Intel AMT Remote Configuration enables the authentication to the firmware for an initial Intel AMT configuration event.  Remote configuration for Admin Control Mode configuration of the Intel AMT firmware is typically done via a valid certificate for the environment.


More information on the remote configuration process is available at


The authentication process should complete without user interaction.   If the requesting application (i.e. Intel SCS) is prompted everytime when the private key is accessed, the autonomy is lost.


When importing the certificate to your target server, if the Strong Key Protection option is selected and grayed out this indicates a conflicting group policy for cryptography has been applied to the server.



If you miss the first prompt, another clear indication that the conflicting group policy is in affect is shown below.

CertImport-PrivateKeyProtect prompt.png

Changing the group policy setting of the server will remove this barrier.


In the example below, the incorrect or conflicting setting is shown.



Change the System Cryptography policy to the "User input is not required when new keys are stored and used"




Filter Blog

By author:
By date:
By tag: