Class AMT_TLSSettingData

Used in features: Security Administration, General Info
Compatible with the following Intel AMT Releases: 3.0, 3.2, 4.0, 5.0, 5.1, 6.0, 6.1, 6.2, 7.0, 8.0, 8.1, 9.0, 9.5, 10.0, 11.0
CIM_ManagedElement
   extended by CIM_SettingData
      extended by AMT_TLSSettingData


class AMT_TLSSettingData
extends CIM_SettingData

General Information:
The AMT_TLSSettingData class represents configuration-related and operational parameters for the TLS service in the Intel(R) AMT.

Qualifiers:
-------------
Version=3.0.0


Supported Fields Summary
 string ElementName
The user-friendly name for this instance of SettingData . . .
 string InstanceID Key
Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class . . .
 boolean MutualAuthentication
Administrator-settable property that determines whether or not mutual authentication is used at the TLS layer on the associated service access point . . .
 boolean Enabled
Administrator-settable property that determines whether or not TLS is used on the associated service access point.
 string[10] TrustedCN
An array of strings, used to validate the CN subfield of the subject field in X.509 certificates presented to Intel(R) AMT in the TLS handshake . . .
 boolean AcceptNonSecureConnections
Once TLS is enabled and configured, this setting defines whether non-secure EOI/WSMAN connections are still accepted by the FW on ports 16992 and 623 . . .
 boolean NonSecureConnectionsSupported
If the value of this read-only field is True, the value of AcceptNonSecureConnections can be changed. Note that this class and field can be accessed locally as well as remotely.

Methods Summary
  Put(Instance)
Changes properties of the selected instance
  Get(Instance)
Gets the representation of the instance
  Pull(EnumerationContext, MaxElements)
Pulls instances of this class, following an Enumerate operation
  Enumerate()
Enumerates the instances of this class
  Release(EnumerationContext)
Releases an enumeration context

Field Detail

ElementName

public string ElementName
General Information:
The user-friendly name for this instance of SettingData. In addition, the user-friendly name can be used as an index property for a search or query. (Note: The name does not have to be unique within a namespace.)

Product Specific Usage:
In Intel AMT Release 6.0 and later releases the value is:
Remote interface: “Intel(r) AMT 802.3 TLS Settings”
Local interface: “Intel(r) AMT LMS TLS Settings”


Qualifiers:
-------------
Required
Override=ElementName
MaxLen=256


InstanceID Key

public string InstanceID
General Information:
Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. To ensure uniqueness within the NameSpace, the value of InstanceID should be constructed using the following "preferred" algorithm:
<OrgID>:<LocalID>
Where <OrgID> and <LocalID> are separated by a colon (:), and where <OrgID> must include a copyrighted, trademarked, or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID or that is a registered ID assigned to the business entity by a recognized global authority. (This requirement is similar to the <Schema Name>_<Class Name> structure of Schema class names.) In addition, to ensure uniqueness, <OrgID> must not contain a colon (:). When using this algorithm, the first colon to appear in InstanceID must appear between <OrgID> and <LocalID>.
<LocalID> is chosen by the business entity and should not be reused to identify different underlying (real-world) elements. If the above "preferred" algorithm is not used, the defining entity must assure that the resulting InstanceID is not reused across any InstanceIDs produced by this or other providers for the NameSpace of this instance.
For DMTF-defined instances, the "preferred" algorithm must be used with the <OrgID> set to CIM.

Product Specific Usage:
In Intel AMT Release 6.0 and later releases the value is:
Remote interface: “Intel(r) AMT 802.3 TLS Settings”
Local interface: “Intel(r) AMT LMS TLS Settings”


Qualifiers:
-------------
Key
Override=InstanceID
MaxLen=256


MutualAuthentication

public boolean MutualAuthentication
General Information:
Administrator-settable property that determines whether or not mutual authentication is used at the TLS layer on the associated service access point. If False, then only the server authenticates itself at the TLS layer.

Product Specific Usage:
Use of Mutual Authentication on the local interface is deprecated in Release 6.0. The feature will be removed in a future release.
This property is only visible / usable for users of ADMIN_SECURITY_ADMINISTRATION realm.
This property must be supplied if Enabled property is True.


Enabled

public boolean Enabled
General Information:
Administrator-settable property that determines whether or not TLS is used on the associated service access point.

Qualifiers:
-------------
Required


TrustedCN

public string[10] TrustedCN
General Information:
An array of strings, used to validate the CN subfield of the subject field in X.509 certificates presented to Intel(R) AMT in the TLS handshake. This value must comply with the requirements of RFC 1035.

Product Specific Usage:
This property is only visible / usable for users of ADMIN_SECURITY_ADMINISTRATION realm.

Additional Notes:
1) 'Max Length' qualifier in Intel AMT Release 3.2 and earlier releases is '64'.
2) 'Array Max Length' qualifier in Intel AMT Release 3.2 and earlier releases is '4'.

Qualifiers:
-------------
MaxLen=60


AcceptNonSecureConnections

public boolean AcceptNonSecureConnections
General Information:
Once TLS is enabled and configured, this setting defines whether non-secure EOI/WSMAN connections are still accepted by the FW on ports 16992 and 623. If AcceptNonSecureConnections is set to TRUE, non-secure connections are still accepted. If it is set to FALSE, non-secure connections are rejected. This setting may be set per interface for the local and network interfaces.

Product Specific Usage:
AMT_TLSSettingData.AcceptNonSecureConnections may only be modified for the remote interface. It is a read-only property for the local interface instance.


NonSecureConnectionsSupported

public boolean NonSecureConnectionsSupported 
General Information:
Indicates the removal of support for the non-TLS WS-MAN ports for the remote interface. Available starting Intel CSME 16.1 firmware on Raptor Lake platforms. If this read-only field exists and its value is True, changing the value of the AcceptNonSecureConnections field is allowed only for the local interface. Note that this class and field can be accessed locally as well as remotely.
Invoking the AMT_TLSSettingData.Put() command on the remote instance with AcceptNonSecureConnections set to True will fail with error code AMT_STATUS_NOT_PERMITTED. Setting AMT_TLSSettingData.Enabled to False will also fail for the remote interface.

Product Specific Usage:
Read-only.
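
The following Python example is added here and is not Intel's code: it parses AMT_TLSSettingData instances out of a WS-Man response body and reports the TLS posture issues that the fields above describe. The sample XML, its namespace URI and the helper names (local, parse_instances, audit) are assumptions constructed for the illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: items of a WS-Man Pull response for this class. The
# namespace URI and element layout are assumptions; values are illustrative.
NS = "http://intel.com/wbem/wscim/1/amt-schema/1/AMT_TLSSettingData"
SAMPLE = f"""<Items xmlns:g="{NS}">
  <g:AMT_TLSSettingData>
    <g:ElementName>Intel(r) AMT 802.3 TLS Settings</g:ElementName>
    <g:InstanceID>Intel(r) AMT 802.3 TLS Settings</g:InstanceID>
    <g:Enabled>true</g:Enabled>
    <g:MutualAuthentication>true</g:MutualAuthentication>
    <g:AcceptNonSecureConnections>true</g:AcceptNonSecureConnections>
  </g:AMT_TLSSettingData>
  <g:AMT_TLSSettingData>
    <g:ElementName>Intel(r) AMT LMS TLS Settings</g:ElementName>
    <g:InstanceID>Intel(r) AMT LMS TLS Settings</g:InstanceID>
    <g:Enabled>false</g:Enabled>
  </g:AMT_TLSSettingData>
</Items>"""

def local(tag):
    return tag.rsplit("}", 1)[-1]  # drop ElementTree's '{namespace}' prefix

def parse_instances(xml_text):
    """Return one dict per AMT_TLSSettingData element found in xml_text."""
    instances = []
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) != "AMT_TLSSettingData":
            continue
        inst = {"TrustedCN": []}          # array property: repeated elements
        for child in el:
            name, text = local(child.tag), (child.text or "").strip()
            if name == "TrustedCN":
                inst["TrustedCN"].append(text)
            else:                         # booleans arrive as 'true'/'false'
                inst[name] = {"true": True, "false": False}.get(text.lower(), text)
        instances.append(inst)
    return instances

def audit(inst):
    """List TLS posture issues for one parsed instance."""
    if not inst.get("Enabled"):
        return ["TLS disabled"]
    findings = []
    if inst.get("AcceptNonSecureConnections"):
        findings.append("non-secure connections still accepted on 16992/623")
    if inst.get("MutualAuthentication") and not inst["TrustedCN"]:
        findings.append("mutual authentication on, TrustedCN empty")
    return findings
```

Calling audit() on each dict returned by parse_instances(SAMPLE) flags the constructed remote instance for still accepting non-secure connections and the constructed local instance for having TLS disabled.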


Method Detail

Put

public  Put([IN]AMT_TLSSettingData Instance)
Permission Information:
Permitted realms: ADMIN_SECURITY_ADMINISTRATION_REALM

General Information:
Changes properties of the selected instance

Product Specific Usage:
The following properties must be included in any representation of AMT_TLSSettingData:

ElementName (cannot be modified)
InstanceID (cannot be modified)
Enabled

This method will not modify the flash ("Enabled" property) until "CommitChanges" is issued and performed successfully.
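
The following Python example is added here and is not Intel's code: a pre-flight check that compares a proposed Put representation against the constraints this page states (required and unmodifiable properties, the MutualAuthentication requirement, the TrustedCN limits, and the remote-instance restrictions described under NonSecureConnectionsSupported). The function name check_put and the dict shapes are assumptions; the TrustedCN limits are the current ones, not those of Release 3.2 and earlier.

```python
# Constraints stated on this page, collected for a pre-flight check before Put.
REQUIRED = ("ElementName", "InstanceID", "Enabled")
IMMUTABLE = ("ElementName", "InstanceID")
REMOTE_ID = "Intel(r) AMT 802.3 TLS Settings"  # remote instance, Release 6.0 and later
MAX_CN_ENTRIES, MAX_CN_LEN = 10, 60            # string[10] TrustedCN, MaxLen=60

def check_put(current, proposed):
    """Return the documented rules that Put(proposed) would break.

    current:  dict of properties from a Get on the instance (hypothetical shape)
    proposed: dict of properties about to be sent with Put
    """
    errors = [f"{p} is required" for p in REQUIRED if p not in proposed]
    for p in IMMUTABLE:
        if p in proposed and proposed[p] != current.get(p):
            errors.append(f"{p} cannot be modified")
    if proposed.get("Enabled") and "MutualAuthentication" not in proposed:
        errors.append("MutualAuthentication must be supplied when Enabled is True")
    cns = proposed.get("TrustedCN", [])
    if len(cns) > MAX_CN_ENTRIES:
        errors.append(f"TrustedCN holds at most {MAX_CN_ENTRIES} entries")
    if any(len(cn) > MAX_CN_LEN for cn in cns):
        errors.append(f"TrustedCN entries are limited to {MAX_CN_LEN} characters")
    # Remote-instance rule described under NonSecureConnectionsSupported.
    if current.get("InstanceID") == REMOTE_ID and current.get("NonSecureConnectionsSupported"):
        if proposed.get("AcceptNonSecureConnections"):
            errors.append("AcceptNonSecureConnections=True fails with AMT_STATUS_NOT_PERMITTED")
        if proposed.get("Enabled") is False:
            errors.append("Enabled=False fails for the remote interface")
    return errors
```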

Get

public  Get([OUT]AMT_TLSSettingData Instance)
Permission Information:
Permitted realms: ADMIN_SECURITY_ADMINISTRATION_REALM, ADMIN_SECURITY_GENERAL_INFO_REALM

General Information:
Gets the representation of the instance

Pull

public  Pull([IN]String EnumerationContext, [IN]String MaxElements)
Permission Information:
All users permitted to use method; only instances for which the user has permissions will be returned

General Information:
Pulls instances of this class, following an Enumerate operation

Enumerate

public  Enumerate()
Permission Information:
All users permitted to use method

General Information:
Enumerates the instances of this class

Release

public  Release([IN]String EnumerationContext)
Permission Information:
All users permitted to use method

General Information:
Releases an enumeration context

Copyright © 2006-2022, Intel Corporation. All rights reserved.