We have built a testing environment to set up vPro using PKI mode. However, the vPro client is not provisioning properly with the following error messages in SCS console event log:
1214,ERROR!,Error Configuring Intel AMT device: Failed to connect to un-configured Intel AMT device at IP 126.96.36.199: Proper certificate that matches the pre loaded certificate was not found in the user certificate store. PKI configuration failed.,4/22/2011 5:27:07 PM,17410FFB-A956-11DC-BBDA-FE9DD0E9000F,2202,DEVHPCAE\Administrator,WPS2008,
1214,ERROR!,Proper certificate that matches the pre loaded certificate was not found in the user certificate store. PKI configuration failed.,4/22/2011 5:27:07 PM,17410FFB-A956-11DC-BBDA-FE9DD0E9000F,1205,,WPS2008,
- Our testing environment:
- Server A: Windows 2008 + IIS7.0 + SCS 5.3 + SQL Server 2005 + Domain Controller with DNS Server integrated
- Client A: Windows 2003 + vPro 3.2.2 AMT version
- The procedure to install and configure vPro testing environment is described below:
- We are using PKI mode so we install a Certificate Authority on Server A .
- Create a certificate template and issue the client certificate template on Server A
- On Server A, request a certificate. In the "Identifying Information For Offline Template, the Name:" field specifiy the fully qualified
name of the Provisioning Server (Server A).
- Install the client certificate on Server A. Export the client certificate.
- Open the root certificate. On the Details tab, note down the certificate hash value in the Thumbprint field. Export the root certificate.
- On Server A, create new Profile in SCS Console. Enable TLS. Create a digest user and give it PT administration right.
- Start Client A, then press Ctrl+P during startup to enter the Intel MEBX. Manually enter the matching certificate hash value which is obtained from step 5. Input other necessary fields in MEBX.
- vPro Client A is provisioning automatically. The target vPro device appear in SCS console but with its provisioning status "Not Configured".
- We are starting to get the above "PKI configuration failed" errors now.
Please help to check if I am doing anything wrong. Attached the event log file. Thanks!
event.txt.zip 869 bytes