CollapseAll image

Defining Secure Connection Settings

The following steps describe how to define whether non-secure connections will be accepted by Intel AMT on the network interface on ports 16992, 16994 and 623 when that interface is configured for TLS.


 Deprecation Note:

   Starting from Alder Lake platforms with Raptor Lake CPUs running Intel® CSME 16.1 firmware, remote connections to Intel® AMT unsecure TCP/IP ports 16992, 16994 and 623 are no longer supported. TLS ports 16993, 16995 and 664 must be used for connecting to Intel AMT.

   Starting from Intel CSME 18 firmware on Meteor Lake platforms, connecting to Intel AMT without TLS is not supported at all (i.e., also local connections must use TLS ports).

1.  Select the instance of AMT_TLSSettingData,where the key “InstanceID” equals “Intel(r) AMT 802.3 TLS Settings” (the remote, or network, interface).

2.  In the selected AMT_TLSSettingData instance, set the following property:




Valid values:

     True – Non-secure connections are accepted

     False – Non-secure connections are rejected



   AcceptNonSecureConnections can be set on the Remote interface. Since the parameter is planned to be read-only on the local interface in future releases, applcations should refrain from setting it on 6.x platforms as well.

   The default setting for local interface is True.

   The default for the network interface is False.


3.  Invoke AMT_TLSSettingData.Put.

Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.


$tlsSettingDataRef =$wsmanConnectionObject.NewReference("SELECT * FROM AMT_TLSSettingData WHERE InstanceID='Intel(r) AMT 802.3 TLS Settings'")

$tlsSettingDataInstance =$tlsSettingDataRef.Get()






4.  Activate the change, as described in Step 5 of Set TLS to Server/Mutual Authentication.

Instance Diagram

Classes Used in This Flow

SDK Sample

Not applicable


Copyright © 2006-2022, Intel Corporation. All rights reserved.