CollapseAll image

Add a Public-Private Key Pair

The following steps describe how to add a private key to the Intel AMT certificate store.

1.  Create a private key blob in Base64 format.

2.  Retrieve the instance of AMT_PublicKeyManagementService., where the “Name” key equals “Intel(r) AMT Public Key Management Service”.

3.  Invoke AMT_PublicKeyManagementService.AddKey with the following parameter:




The private key blob created in step 1.


note-icon Note:

The method returns the EPR of the AMT_PublicPrivateKeyPair instance representing the key that was created. This EPR is used in the Remove a Public-Private Key Pair flow.


Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.


$keyBlob =# The private key blob created in step 1.

$publicKeyManagementServiceRef =$wsmanConnectionObject.NewReference("SELECT * FROM AMT_PublicKeyManagementService WHERE Name='Intel(r) AMT Public Key Management Service'")

$inputObject =$publicKeyManagementServiceRef.CreateMethodInput("AddKey")


$outputObject =$publicKeyManagementServiceRef.InvokeMethod($inputObject)

$returnValue =$outputObject.GetProperty("ReturnValue")

if($returnValue -like "0")


          # The $publicPrivateKeyPairRef is an EPR to the new AMT_PublicPrivateKeyPair object.

    $publicPrivateKeyPairRef =$outputObject.GetProperty("CreatedKey").Ref




Instance Diagram

Classes Used in This Flow

SDK Sample

Not applicable


Copyright © 2006-2022, Intel Corporation. All rights reserved.