Hello. It appears the documentation for the provisioning certificate acquisition is out of date.
DigiCert confirmed that they stopped issuing public SSL certificates with the Intel vPro EKU in 2021:
https://docs.digicert.com/en/whats-new/change-log/older-changes/change-log--2021.html#february-15--2021
This seems directly at odds with this repo and documentation. What CA's are still issuing provisioning certificates?
Second, there's a global shift that NO public CA provider support client auth EKU certificates starting in June 2026, which my understanding is that Intel AMT relies upon. What happens with AMT after June 2026 when the certificate needs to be renewed?
Hello. It appears the documentation for the provisioning certificate acquisition is out of date.
DigiCert confirmed that they stopped issuing public SSL certificates with the Intel vPro EKU in 2021:
https://docs.digicert.com/en/whats-new/change-log/older-changes/change-log--2021.html#february-15--2021
This seems directly at odds with this repo and documentation. What CA's are still issuing provisioning certificates?
Second, there's a global shift that NO public CA provider support client auth EKU certificates starting in June 2026, which my understanding is that Intel AMT relies upon. What happens with AMT after June 2026 when the certificate needs to be renewed?