CollapseAll image

Get the Credential Context used by the Active Profile

The following steps describe how to retrieve the credentials (client and root certificates) used in a profile to identify the user against the authenticating server.

1.  Retrieve the instance of AMT_8021XProfile, where the “InstanceID” key equals “Intel(r) AMT 802.1x Profile 0”.

2.  From the AMT_8021XProfile instance, traverse the AMT_8021xCredentialContext association class to find the instance of AMT_PublicKeyCertificate.

3.  For a Root Certificate look for an instance of AMT_PublicKeyCertificate where the “TrustedRootCertificate” field equals “true”.

4.  For a Client Certificate look for an instance of AMT_PublicKeyCertificate where the “TrustedRootCertificate” field equals “false”.

5.  Examine AMT_PublicKeyCertificate.ElementName, AMT_PublicKeyCertificate.X509Certificate, AMT_PublicKeyCertificate.Issuer, etc.

Click here for a snippet demonstrating this step

You can execute this snippet by inserting it into the execution template found here.


# Create a reference to AMT_8021XProfile instance.

$8021XProfileRef =$wsmanConnectionObject.NewReference("SELECT * FROM AMT_8021XProfile WHERE InstanceID='Intel(r) AMT 802.1x Profile 0'")

$8021XProfileInstance =$8021XProfileRef.Get()

$8021xCredentialContextRef =$wsmanConnectionObject.NewReference("AMT_8021xCredentialContext")


# Traverse to the AMT_8021xCredentialContext instances that are connected to the AMT_8021XProfile.

foreach($8021xCredentialContextItem in$8021xCredentialContextRef.Enumerate("",$null))


    # For each instance, check if it is associated to the AMT_PublicKeyCertificate instance.



          # For root certificate:

          #Get the AMT_PublicKeyCertificate object using its EPR.

          $publicKeyCertificateInstance =$8021xCredentialContextItem.Object.GetProperty("ElementInContext").Ref.Get()

          if($publicKeyCertificateInstance.GetProperty("TrustedRootCertficate") -like "true")


                $elementName =$publicKeyCertificateInstance.GetProperty("ElementName")

                $x509Certificate =$publicKeyCertificateInstance.GetProperty("X509Certificate")

                $issuer =$publicKeyCertificateInstance.GetProperty("Issuer")






Instance Diagram

Classes Used in This Flow

SDK Sample

Not applicable


Copyright © 2006-2022, Intel Corporation. All rights reserved.