Provision of Active Management Technology (AMT) in computer systems

摘要

A method comprising: selecting a zero-touch provisioning function using an unsecured domain name server option in response to determining that a certificate hash is present and a provisioning pre-shared key is absent, wherein the zero-touch provisioning function is under Using the unsecured Domain Name Server option includes: sending an update command to a client device to verify that the client device supports Active Management Technology, generating a one-time password in a management console after receiving Active Management Technology values from a client device Storing the one-time password in a provisioning server and the client device, command to an Active Management Technology Unit to open a network interface to receive a device message, identifying the provisioning server if a full domain name is not available, authenticating A client device using the one-time password by receiving the one-time password from the client device and matching the one-time password received from the client device with the one-time password stored in the provisioning server, authenticating the provisioning server using a certificate chain by providing a self-signed certificate to the provisioning server, the client device the self-signed certificate and a keypair are generated, receiving the certificate chain-wide device message via the network interface, the certificate chain including a root-of-trust, and matching a hash value of the certificate chain with a plurality of stored hash values, verifying the provisioning server, and making a secure connection between the client device and the provisioning server, wherein the zero-touch provisioning function allows the secure connection between the client device and the provisioning server is established without initiation by a user of the client device.