Added option to not use TLS with connection to Intel AMT, usage is not recommanded.
This commit is contained in:
Ylian Saint-Hilaire
parent
4dcf4857c4
commit
b9b334e8a2
|
|
@ -533,7 +533,7 @@ module.exports.CreateAmtManager = function (parent) {
|
|||
|
||||
// Connect now
|
||||
var comm;
|
||||
if (dev.tlsfail !== true) {
|
||||
if ((dev.tlsfail !== true) && (parent.config.domains[dev.domainid].amtmanager.tlsconnections !== false)) {
|
||||
parent.debug('amt', dev.name, (dev.connType == 1) ? 'Relay-Connect' : 'LMS-Connect', "TLS", user);
|
||||
comm = CreateWsmanComm(dev.nodeid, 16993, user, pass, 1, null, ciraconn); // Perform TLS
|
||||
comm.xtlsFingerprint = 0; // Perform no certificate checking
|
||||
|
|
@ -565,7 +565,7 @@ module.exports.CreateAmtManager = function (parent) {
|
|||
|
||||
// Connect now
|
||||
var comm;
|
||||
if (dev.tlsfail !== true) {
|
||||
if ((dev.tlsfail !== true) && (parent.config.domains[dev.domainid].amtmanager.tlsconnections !== false)) {
|
||||
parent.debug('amt', dev.name, 'Direct-Connect', "TLS", dev.host, user);
|
||||
comm = CreateWsmanComm(dev.host, 16993, user, pass, 1); // Always try with TLS first
|
||||
comm.xtlsFingerprint = 0; // Perform no certificate checking
|
||||
|
|
|
|||
|
|
@ -608,6 +608,7 @@
|
|||
"additionalProperties": false,
|
||||
"description": "Information passed to the AMT manager module that impacts all Intel AMT device managed within this domain.",
|
||||
"properties": {
|
||||
"TlsConnections": { "type": "boolean", "default": true, "description": "When set to false, MeshCentral will use TLS to connect to Intel AMT, this is not recommanded." },
|
||||
"TlsAcmActivation": { "type": "boolean", "default": false, "description": "When set to false, MeshCentral will not attempt a TLS ACM activation on Intel AMT v14+" },
|
||||
"AdminAccounts": {
|
||||
"description": "List of username and passwords to try when connecting to Intel AMT.",
|
||||
|
|
|
|||
Loading…
Reference in New Issue