IPS_IEEE8021xSettings Field Descriptions

The following table provides additional information on several of the properties of the class.

Property

Description

ServerCertificateName and ServerCertificateNameComparison

Optional; required if the supplicant needs to be configured to trust the server certificate with CN that contains a specific Name or that contains specific domain suffix. The property ServerCertificateNameComparison specifies the type of data in the ServerCertificateName.

AvailableInS0

Represents the Intel AMT state regarding Active/Passive modes. Setting this property with value= “true” means that Active/Passive mechanism will be enabled. The default value is “true”.

PxeTimeout

Timeout in seconds, during which Intel AMT holds an authenticated 802.1x session. During this period, Intel AMT manages the 802.1x negotiation while a PXE boot takes place. After the timeout, control of the negotiation passes to the host.

A value of 0 disables the feature.

If this optional value is omitted, Intel AMT sets a default value of 120 seconds.

If PXE boot or UEFI HTTP/S boot is enabled on the system, this value must be greater than zero for Intel CSME EAP authentication.

 

Unlike AMT_8021Xprofile, IPS_IEEE8021xSettings has a SetCertificates method used to establish an assocation between the settings and both a server certificate issuer and a client certificate. A client certificate is mandatory only for EAP-TLS or EAP-FAST-TLS protocols. For other protocols it is an optional property – the 802.1x profile can be set also without using this property. The server certificate issuer is used if Intel AMT needs to be configured to trust only the server certificate that was issued by the specified certification authority.

 

See Also:

   Active/Passive Mode

 

Copyright © 2006-2022, Intel Corporation. All rights reserved.