Class AMT_TLSSettingData

Used in features: Security Administration , General Info
Compatible with the following Intel AMT Releases: 3.0, 3.2, 4.0, 5.0, 5.1, 6.0, 6.1, 6.2, 7.0, 8.0, 8.1, 9.0, 9.5
CIM_ManagedElement
   extended by CIM_SettingData
      extended by AMT_TLSSettingData


class AMT_TLSSettingData
extends CIM_SettingData

General Information:
The AMT_TLSSettingData class represents configuration-related and operational parameters for the TLS service in the Intel(R) AMT.

Qualifiers:
-------------
Version=3.0.0


Supported Fields Summary
 string ElementName
The user-friendly name for this instance of SettingData . . .
 string InstanceID Key
Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class . . .
 boolean MutualAuthentication
Adminstrator-settable property that determines whether or not mutual authentication is used at the TLS layer is used on the associated service access point . . .
 boolean Enabled
Administrator-settable property that determines whether or not TLS is used on the associated service access point.
 string[10] TrustedCN
An array of strings, used to validate the CN subfield of the subject field in X.509 certificates presented to Intel(R) AMT in the TLS handshake . . .
 boolean AcceptNonSecureConnections
This setting defines once TLS is enabled and configured whether non-secure EOI/WSMAN connections are still accepted by FW on ports 16992 and 623 . . .

Methods Summary
  Put(Instance)
Changes properties of the selected instance
  Get(Instance)
Gets the representation of the instance
  Pull(EnumerationContext, MaxElements)
Pulls instances of this class, following an Enumerate operation
  Enumerate()
Enumerates the instances of this class
  Release(EnumerationContext)
Releases an enumeration context

Field Detail

ElementName

public string ElementName
General Information:
The user-friendly name for this instance of SettingData. In addition, the user-friendly name can be used as an index property for a search or query. (Note: The name does not have to be unique within a namespace.)

Product Specific Usage:
In Intel AMT Release 6.0 and later releases value is:
Remote interface: “Intel(r) AMT 802.3 TLS Settings”
Local interface: “Intel(r) AMT LMS TLS Settings”


Qualifiers:
-------------
Required
Override=ElementName
MaxLen=256


InstanceID Key

public string InstanceID
General Information:
Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. To ensure uniqueness within the NameSpace, the value of InstanceID should be constructed using the following "preferred" algorithm:
<OrgID>:<LocalID>
Where <OrgID> and <LocalID> are separated by a colon (:), and where <OrgID> must include a copyrighted, trademarked, or otherwise unique name that is owned by the business entity that is creating or defining the InstanceID or that is a registered ID assigned to the business entity by a recognized global authority. (This requirement is similar to the <Schema Name>_<Class Name> structure of Schema class names.) In addition, to ensure uniqueness, <OrgID> must not contain a colon (:). When using this algorithm, the first colon to appear in InstanceID must appear between <OrgID> and <LocalID>.
<LocalID> is chosen by the business entity and should not be reused to identify different underlying (real-world) elements. If the above "preferred" algorithm is not used, the defining entity must assure that the resulting InstanceID is not reused across any InstanceIDs produced by this or other providers for the NameSpace of this instance.
For DMTF-defined instances, the "preferred" algorithm must be used with the <OrgID> set to CIM.

Product Specific Usage:
In Intel AMT Release 6.0 and later releases value is:
Remote interface: “Intel(r) AMT 802.3 TLS Settings”
Local interface: “Intel(r) AMT LMS TLS Settings”


Qualifiers:
-------------
Key
Override=InstanceID
MaxLen=256


MutualAuthentication

public boolean MutualAuthentication
General Information:
Adminstrator-settable property that determines whether or not mutual authentication is used at the TLS layer is used on the associated service access point. If False, then only the server authenticates itself at the TLS layer.

Product Specific Usage:
Use of Mutual Authentication on the local interface is deprecated in Release 6.0. The feature will be removed in a future release.
This property is only visible / usable for users of ADMIN_SECURITY_ADMINISTRATION realm.
This property must be supplied if Enabled property is True.


Enabled

public boolean Enabled
General Information:
Administrator-settable property that determines whether or not TLS is used on the associated service access point.

Qualifiers:
-------------
Required


TrustedCN

public string[10] TrustedCN
General Information:
An array of strings, used to validate the CN subfield of the subject field in X.509 certificates presented to Intel(R) AMT in the TLS handshake. This value must comply with the requirements of RFC 1035.

Product Specific Usage:
This property is only visible / usable for users of ADMIN_SECURITY_ADMINISTRATION realm

Additional Notes:
1) 'Max Length' qualifier in Intel AMT Release 3.2 and earlier releases is '64'.
2) 'Array Max Length' qualifier in Intel AMT Release 3.2 and earlier releases is '4'.

Qualifiers:
-------------
MaxLen=60


AcceptNonSecureConnections

public boolean AcceptNonSecureConnections
General Information:
This setting defines once TLS is enabled and configured whether non-secure EOI/WSMAN connections are still accepted by FW on ports 16992 and 623. If AcceptNonSecureConnections is set to TRUE then non-secure connections are still accepted. If set to FALSE then non-secure connections are rejected. This setting may be set per interface for the local and network interfaces.

Product Specific Usage:
AMT_TLSSettingData.AcceptNonSecureConnections may only be modified for the remote interface. It is a read-only property for the local interface instance.


Method Detail

Put

public  Put([IN]AMT_TLSSettingData Instance)
Permission Information:
Permitted realms: ADMIN_SECURITY_ADMINISTRATION_REALM

General Information:
Changes properties of the selected instance

Product Specific Usage:
The following properties must be included in any representation of AMT_TLSSettingData:

ElementName
(cannot be modified)
InstanceID (cannot be modified)
Enabled

This method will not modify the flash ("Enabled" property) until "CommitChanges" is issued and performed successfully.

Get

public  Get([OUT]AMT_TLSSettingData Instance)
Permission Information:
Permitted realms: ADMIN_SECURITY_ADMINISTRATION_REALM, ADMIN_SECURITY_GENERAL_INFO_REALM

General Information:
Gets the representation of the instance

Pull

public  Pull([IN]String EnumerationContext, [IN]String MaxElements)
Permission Information:
All users permitted to use method, only instances to whom the user has permissions will be returned

General Information:
Pulls instances of this class, following an Enumerate operation

Enumerate

public  Enumerate()
Permission Information:
All users permitted to use method

General Information:
Enumerates the instances of this class

Release

public  Release([IN]String EnumerationContext)
Permission Information:
All users permitted to use method

General Information:
Releases an enumeration context

Copyright © 2006-2013, Intel Corporation. All rights reserved.