If you will use your internal certification authority to supply the AMT provisioning certificate for out of band management in Configuration Manager 2007 SP1 and later, you will need the certificate thumbprint of your internal root certificate.
|The information in this topic applies only to Configuration Manager 2007 SP1 and later.|
Your root certificate thumbprint can be added manually in the BIOS extensions as the certificate hash option, or it can be given to your computer supplier to be included in a customized firmware image. For more information about using a customized firmware image with AMT-based computers, see Decide Whether You Need a Customized Firmware Image From Your Computer Manufacturer. For more information about the certificate requirements for out of band management, see Certificate Requirements for Out of Band Management.
Use the following procedure to locate the certificate thumbprint of your internal root certificate.
To locate the certificate thumbprint of your internal root certificate
On the computer running Certificate Services and configured as the root CA, click Start, Programs, Administrative Tools, Certification Authority.
Right-click the name of your CA, and then click Properties.
Click View Certificate.
Click the Details tab.
Scroll and select Thumbprint.
Copy the string of hexadecimal numbers to the clipboard.
Open Notepad or another text editor, and paste the string of hexadecimal numbers into the file.
Save the file, and store it securely for later reference—for example, to provide it to your computer supplier or if you need to type the string to configure the AMT certificate hash value.
In the Certificate dialog box, click OK.
Click OK, and exit Certification Authority.
ConceptsAbout AMT Provisioning for Out of Band Management
About Certificates for Out of Band Management
Step-by-Step Example Deployment of the PKI Certificates Required for AMT and Out of Band Management: Windows Server 2003 Certification Authority