In your previous thread http://communities.intel.com/thread/29140, we showed when doing TLS communications a certificate is needed, as well for RCFG.
You need two seperate certificates for TLS and RCFG, the TLS certificate supplied by the CA and the RCFG certificate is the Go Daddy, Verisign ect.
The link you provided, shows you How to create AMT Certificates using the AMT SDK and OpenSSL, not that none are needed.
Also if you wish not to use TLS or RCFG certificates are not needed.
1 of 1 people found this helpful
It sorta comes down to your goals. That document will work, if AMT is already configured. This means one of two things; either you use MEBx to do the initial config or you do Host Based Config. MEBx is a BIOS extension, so it means going into BIOS on every PC you with to setup & configure. Host Based Config can be acomplished with SCS 8 by running one of the ACU tool on the client in windows. The implication is that you are in "Client Control Mode" which means all redirection operations (SOL, IDEr, and KVM) require user consent before doing them.
So, if you're OK with one of those states, then the doc will work for you. I'd suggest just trying it on a couple systems to see how it works for you.
Oh, I almost forgot. That doc will only work on AMT 6 and above, and for host based config you need AMT 6.2 and above.
One other question is, do you need TLS? As Greg pointed out, you can do all remote operations w/o TLS. TLS is optional for added security.
My final thought; there are lots of ways to setup & configure AMT. If you're OK with an MS CA & host based config, SCS 8 can setup and configure AMT 6.2 and up with TLS, but no need for the RCFG cert. This is the easiest and most secure of all methods.