Class IPS_TLSProvisioningRecord
Used in features: Provisioning ,
Security Administration , General Info
Compatible with the following
Intel AMT Releases: 6.1, 6.2, 7.0, 8.0, 8.1, 9.0, 9.5, 10.0, 11.0
CIM_ManagedElement
CIM_RecordForLog
CIM_LogEntry
IPS_ProvisioningAuditRecord
IPS_TLSProvisioningRecord
class IPS_TLSProvisioningRecord
- extends IPS_ProvisioningAuditRecord
General Information:
The IPS_TLSProvisioningRecord provides
information related to a single Intel (R) AMT provisioning occurrence that was
performed using a TLS provisioning method - PSK or
PKI
Qualifiers:
-------------
Version=7.0.0
Supported Fields
Summary |
datetime
|
CreationTimeStamp
Specifies the time the provisioning occurrence took place; time
is recorded from the host RTC.
|
string
|
RecordData A string
containing LogRecord data . . .
|
string
|
RecordFormat A
string describing the data structure of the information in the property,
RecordData . . .
|
string
|
ElementName A
user-friendly name for the object . . .
|
string
|
InstanceID Within the scope of the instantiating Namespace,
InstanceID opaquely and uniquely identifies an instance of this class . .
.
|
string
|
LogInstanceID The
containing Log's InstanceID.
|
string
|
LogName The containing
Log's Name . . .
|
string
|
RecordID RecordID may
be used to provide a representation of log entry ordering or
pointers/handles for log entries.
|
uint8
|
ProvisioningTLSMode
Specifies the TLS provisioning method that was used to
provision Intel(R) AMT
|
boolean
|
SecureDNS True, if
the DNS Suffix used to authorize the provisioning entityWas set via the
MEBx, false if value was read from the DHCP Server's option 15 valueValid
only if TLSProvisioningMethod="TLS-PKI"
|
boolean
|
HostInitiated
True if provisioning was initiated by a host agent . . .
|
string
|
ProvServerFQDN
Specifies the CN value in the SSL certificate used by the
provisioning server . . .
|
uint8
|
SelectedHashType
The hash algorithm used for SelectedHashData . . .
|
uint8[64]
|
SelectedHashData
Hash data - The hash of the root certificate used in the
configuration process . . .
|
string[5]
|
CaCertificateSerials
Notice: the values of this array are actually base64 encoded
values . . .
|
boolean
|
AdditionalCaSerialNums
Valid only if TLSProvisioningMethod="TLS-PKI"
|
boolean
|
HashIsOemDefault
True if the certificate hash data was set by OEM . . .
|
boolean
|
IsTimeValid
Specifies whether the SSL cert validity period was successfully
verified.The host RTC is used as the reference clock . . .
|
string
|
ProvServerIP The
IP address of the Provisioning server that issued the
AMT_SetupAndConfigurationService.CommitChanges() command, both IPv4 &
IPv6 addresses are supported.
|
Methods Summary |
|
Get(Instance) Gets the
representation of the instance
|
|
Pull(EnumerationContext,
MaxElements) Pulls instances of this class, following an
Enumerate operation
|
|
Enumerate()
Enumerates the instances of this class
|
|
Release(EnumerationContext)
Releases an enumeration context
|
CreationTimeStamp
public datetime CreationTimeStamp
- General Information:
Specifies the time the provisioning
occurrence took place; time is recorded from the host
RTC.
Qualifiers:
-------------
Override=CreationTimeStamp
RecordData
public string RecordData
- General Information:
A string containing LogRecord data.
If
the corresponding RecordFormat property is <empty>, or cannot be parsed
according to the recommended format, RecordData should be interpreted as a
free-form string. If the RecordFormat property contains parseable format
information (as recommended in the RecordFormat Description qualifier), the
RecordData string SHOULD be parsed in accordance with this format. In this
case, RecordData SHOULD begin with the delimiter character and this character
SHOULD be used to separate substrings in the manner described. The RecordData
string can then be parsed by the data consumer and appropriately
typed.
Qualifiers:
-------------
ModelCorrespondence={CIM_RecordForLog.RecordFormat}
MaxLen=40
RecordFormat
public string RecordFormat
- General Information:
A string describing the data structure of
the information in the property, RecordData. If the RecordFormat string is
<empty>, RecordData should be interpreted as a free-form string.
To describe the data structure of RecordData, the RecordFormat string
should be constructed as follows:
- The first character is a delimiter
character and is used to parse the remainder of the string into sub-strings.
- Each sub-string is separated by the delimiter character and should be in
the form of a CIM property declaration (i.e., datatype and property name).
This set of declarations may be used to interpret the similarly delimited
RecordData property.
For example, using a '*' delimiter, RecordFormat =
"*string ThisDay*uint32 ThisYear*datetime SomeTime"
may be used to
interpret: RecordData = "*This is
Friday*2002*20020807141000.000000-300".
Qualifiers:
-------------
ModelCorrespondence={CIM_RecordForLog.RecordData}
MaxLen=10
ElementName
public string ElementName
- General Information:
A user-friendly name for the object. This
property allows each instance to define a user-friendly name in addition to
its key properties, identity data, and description information.
Note that
the Name property of ManagedSystemElement is also defined as a user-friendly
name. But, it is often subclassed to be a Key. It is not reasonable that the
same property can convey both identity and a user-friendly name, without
inconsistencies. Where Name exists and is not a Key (such as for instances of
LogicalDevice), the same information can be present in both the Name and
ElementName properties. Note that if there is an associated instance of
CIM_EnabledLogicalElementCapabilities, restrictions on this properties may
exist as defined in ElementNameMask and MaxElementNameLen properties defined
in that class.
Qualifiers:
-------------
MaxLen=45
InstanceID
public string InstanceID
- General Information:
Within the scope of the instantiating
Namespace, InstanceID opaquely and uniquely identifies an instance of this
class. In order to ensure uniqueness within the NameSpace, the value of
InstanceID SHOULD be constructed using the following 'preferred' algorithm:
<OrgID>:<LocalID>
Where <OrgID> and <LocalID>
are separated by a colon ':', and where <OrgID> MUST include a
copyrighted, trademarked or otherwise unique name that is owned by the
business entity creating/defining the InstanceID, or is a registered ID that
is assigned to the business entity by a recognized global authority (This is
similar to the <Schema Name>_<Class Name> structure of Schema
class names.) In addition, to ensure uniqueness <OrgID> MUST NOT contain
a colon (':'). When using this algorithm, the first colon to appear in
InstanceID MUST appear between <OrgID> and <LocalID>.
<LocalID> is chosen by the business entity and SHOULD not be re-used
to identify different underlying (real-world) elements. If the above
'preferred' algorithm is not used, the defining entity MUST assure that the
resultant InstanceID is not re-used across any InstanceIDs produced by this or
other providers for this instance's NameSpace.
For DMTF defined instances,
the 'preferred' algorithm MUST be used with the <OrgID> set to
'CIM'.
Qualifiers:
-------------
Key
Override=InstanceID
MaxLen=45
LogInstanceID
public string LogInstanceID
- General Information:
The containing Log's
InstanceID.
Qualifiers:
-------------
MaxLen=40
LogName
public string LogName
- General Information:
The containing Log's Name. This property is
available for backwards continuity with
CIM_LogRecord.
Qualifiers:
-------------
MaxLen=40
RecordID
public string RecordID
- General Information:
RecordID may be used to provide a
representation of log entry ordering or pointers/handles for log
entries.
Qualifiers:
-------------
MaxLen=5
ProvisioningTLSMode
public uint8 ProvisioningTLSMode
- General Information:
Specifies the TLS provisioning method that
was used to provision Intel(R)
AMT
Qualifiers:
-------------
ValueMap={0, 1, 2,
..}
Values={Unknown, TLS-PSK, TLS-PKI, Reserved}
SecureDNS
public boolean SecureDNS
- General Information:
True, if the DNS Suffix used to authorize
the provisioning entityWas set via the MEBx, false if value was read from the
DHCP Server's option 15 valueValid only if TLSProvisioningMethod="TLS-PKI"
HostInitiated
public boolean HostInitiated
- General Information:
True if provisioning was initiated by a
host agent. Valid only if TLSProvisioningMethod="TLS-PKI"
ProvServerFQDN
public string ProvServerFQDN
- General Information:
Specifies the CN value in the SSL
certificate used by the provisioning server. Valid only if
TLSProvisioningMethod="TLS-PKI"
Qualifiers:
-------------
MaxLen=256
SelectedHashType
public uint8 SelectedHashType
- General Information:
The hash algorithm used for
SelectedHashData. Valid only if
TLSProvisioningMethod="TLS-PKI"
Qualifiers:
-------------
valueMap={0,
1, 2, 3, ..}
values={Unknown, SHA-1-160, SHA-2-256, SHA-2-384,
Reserved}
SelectedHashData
public uint8[64] SelectedHashData
- General Information:
Hash data - The hash of the root
certificate used in the configuration process. Valid only if
TLSProvisioningMethod="TLS-PKI"
Qualifiers:
-------------
OctetString
CaCertificateSerials
public string[5] CaCertificateSerials
- General Information:
Notice: the values of this array are
actually base64 encoded values. A list of a maximum of three serial numbers of
the issuing CA certificates. If the certificate chain has more than three
certificates, this field contains the serial numbers of the last three
certificates. This field has a value only if
TLSProvisioningMethod="TLS-PKI"
Qualifiers:
-------------
OctetString
MaxLen=256
AdditionalCaSerialNums
public boolean AdditionalCaSerialNums
- General Information:
Valid only if
TLSProvisioningMethod="TLS-PKI"
HashIsOemDefault
public boolean HashIsOemDefault
- General Information:
True if the certificate hash data was set
by OEM. Valid only if TLSProvisioningMethod="TLS-PKI"
IsTimeValid
public boolean IsTimeValid
- General Information:
Specifies whether the SSL cert validity
period was successfully verified.The host RTC is used as the reference clock.
Note that Intel(R) AMT will not cause a Provisioning operation to fail even if
the certificate has expired.Valid only if TLSProvisioningMethod="TLS-PKI"
ProvServerIP
public string ProvServerIP
- General Information:
The IP address of the Provisioning server
that issued the AMT_SetupAndConfigurationService.CommitChanges() command, both
IPv4 & IPv6 addresses are
supported.
Qualifiers:
-------------
MaxLen=256
Get
public Get([OUT]IPS_TLSProvisioningRecord Instance)
- Permission Information:
Permitted realms:
ADMIN_SECURITY_ADMINISTRATION_REALM, ADMIN_SECURITY_LOCAL_SYSTEM_REALM,
ADMIN_SECURITY_GENERAL_INFO_REALM,
ADMIN_SECURITY_LOCAL_APPS_REALM
General Information:
Gets the
representation of the instance
Pull
public Pull([IN]String EnumerationContext, [IN]String MaxElements)
- Permission Information:
All users permitted to use method, only
instances to whom the user has permissions will be returned
General
Information:
Pulls instances of this class, following an Enumerate
operation
Enumerate
public Enumerate()
- Permission Information:
All users permitted to use
method
General Information:
Enumerates the instances of this
class
Release
public Release([IN]String EnumerationContext)
- Permission Information:
All users permitted to use
method
General Information:
Releases an enumeration
context