Article ID: 000058972 Content Type: Compatibility Last Reviewed: 12/09/2022

Does Intel® Active Management Technology (Intel® AMT) Support SHA-256?

BUILT IN - ARTICLE INTRO SECOND COMPONENT

Summary

Intel® AMT only supports Certificates of SHA-256 encryption.

Description

This article addresses Intel® AMT 14 and above and renewing the provisioning certificate on the Intel® EMA server.

Resolution

Intel® Active Management Technology (Intel® AMT) has been compatible with SHA-256 since Intel® Management Engine (Intel® ME) 11.0.
The default SHA1 certificate hashes were removed from the firmware on Intel® AMT 14 and above,
Starting from Intel® ME 15.0 firmware for the H platform, and Intel® ME 16.0 firmware for all platforms, Intel is removing support of SHA1 root certificates and RSA key sizes smaller than 2048 bits for Intel® AMT provisioning. In those releases and later, it is no longer possible to add SHA1 hashes, and none of the certificates in the certificate chain can be SHA1-based, including the root certificate.

Additional information

For more information go to Setup and Configuration of Intel® AMT > Root Certificate Hashes of Intel® AMT implementation and reference guide.

Summary
Description
Resolution
Additional information

Need more help?

Contact support

Disclaimer

¹

All postings and use of the content on this site are subject to Intel.com Terms of Use.