MeshCentral can now issue AMT TLS certificates using a specified custom root cert.

2025-11-07 12:52:54 -05:00 · 2021-01-20 09:54:51 -08:00
parent 62aa5e76cc
commit d3fd8e7311
4 changed files with 71 additions and 3 deletions
--- a/meshcentral-config-schema.json
+++ b/meshcentral-config-schema.json
@@ -337,6 +337,28 @@
                  "uniqueItems": true
                }
              },
+              "TlsRootCert": {
+                "description": "Specifies a certificate and private key to use to issue Intel AMT TLS certificates. By default the MeshCentral self-signed root certificate is used.",
+                "type": "object",
+                "properties": {
+                  "certpfx": {
+                    "description": "Name of the certificate file that is in .p12 or .pfx format in meshcentral-data, use this with certpfxpass.",
+                    "type": "string"
+                  },
+                  "certpfxpass": {
+                    "description": "Password for the file specified in certpfx.",
+                    "type": "string"
+                  },
+                  "certfile": {
+                    "description": "Name of the certificate file in PEM format located in meshcentral-data. Using this with keyfile.",
+                    "type": "string"
+                  },
+                  "keyfile": {
+                    "description": "Name of the private key file in PEM format located in meshcentral-data. Using this with certfile.",
+                    "type": "string"
+                  }
+                }
+              },
              "WifiProfiles": {
                "description": "List of WIFI profiles to setup in any managed Intel AMT device with a WIFI network interface.",
                "type": "array",