2 Replies Latest reply on Jul 24, 2012 6:03 PM by Brendan

    Secure remote control to home PC?

      Hi,

       

      My home PC is an Ivy Bridge AMT, and I can OOB remote control it over the Internet using VNC Plus. I want to enable TLS security.  Is it possible to enable TLS without a Windows domain PKI nor purchasing a cert from a public CA?  I own a public domain and use a dynamic DNS Windows service running on my PC to update DNS when my ISP changes my IP address.

       

      I have created a self-signed cert using Win7's Certificates mmc-snapin (and converted to .pem format using http://tinyurl.com/amys52) but when I run through the AMT Configuration Utility to enable TLS using the "Use certificate from file" option, I get error "Failed to configure this Intel AMT device. Error found with the supplied certificate".  Am I flogging a dead horse here?  Even if I get the cert format right will I be able to securely OOB remote control without user interaction authorising the incoming VNC connection?

       

      Many thanks.

        • 1. Re: Secure remote control to home PC?
          gfuestonx

          Without a CA or a domain name TLS will not work.

          • 2. Re: Secure remote control to home PC?
            Brendan

            I have a internet domain, but not a Windows domain.  I do not have a public CA supplied certificate.

             

            From the YouTube video I've seen (http://tinyurl.com/cuj83g9), it seems possible to create an appropriate certificate using Manageability Director, but this crashes upon launch in Win7 64bit, XP and 2008 R2 (everything I've tried) - "Manageability Director Tool has stopped working"

             

            Description:

              Stopped working

             

            Problem signature:

              Problem Event Name:    APPCRASH

              Application Name:    Manageability Director Tool.exe

              Application Version:    7.0.12102.2

              Application Timestamp:    4f85cf73

              Fault Module Name:    KERNELBASE.dll

              Fault Module Version:    6.1.7601.17651

              Fault Module Timestamp:    4e21213c

              Exception Code:    e0434f4d

              Exception Offset:    000000000000cacd

              OS Version:    6.1.7601.2.1.0.256.48

              Locale ID:    2057

             

             

             

            I don't have Visual Studio to debug the source and recompile.  Same occurs with the Open Manageability version.  I sent the above info to ylian.saint-hilaire@intel.com early last week but he hasn't replied.