open-amt-cloud-toolkit / rpc-go

The Remote Provisioning Client (RPC) communicates with the Manageability Engine Interface (MEI) and Remote Provisioning Service (RPS) interfaces.
https://open-amt-cloud-toolkit.github.io/docs/
Apache License 2.0

AMT is not using the self-signed certificate generated by RPC-GO local tls command for establishing the TLS connection #572

Closed mechris1 closed 1 month ago

mechris1 commented 4 months ago

AMT is not using the self-signed certificate configured using RPC-GO local tls command for TLS connection.

Note: On version AMT 16 and above, you can reproduce it by running the command once. Run the command twice to reproduce it on AMT 15 and below machines.

Steps to reproduce:

  1. Make sure AMT is activated in ACM or CCM either using rpc-go local command
  2. Configure TLS using RPC-GO local command, use the self-signed certificate option: `sudo ./rpc configure tls -mode Server`
  3. Using MeshCommander, connect to AMT device using TLS option
  4. Notice on MeshCommander that AMT is not using the self-signed certificate created by rpc-go.

Potential Fix: If TLS is already configured, need to use a PUT TLSCredentialContext call instead of CREATE TLSCredentialContext: https://github.com/open-amt-cloud-toolkit/rpc-go/blob/main/internal/local/tls.go#L182
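
The create-versus-put logic behind the potential fix above, as an added example that is not part of the original issue or of rpc-go's code. `fakeAMT`, `ErrAlreadyExists`, `bindCreateOnly` and `bindCreateOrPut` are hypothetical names, and the model assumes that CREATE is rejected and leaves the existing binding in place when a TLSCredentialContext is already present.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrAlreadyExists is a hypothetical fault for CREATE on an existing context.
var ErrAlreadyExists = errors.New("TLSCredentialContext already exists")

// fakeAMT is a constructed model (not an AMT or rpc-go type) of the single context.
type fakeAMT struct {
	hasContext bool
	certHandle string
}

func (d *fakeAMT) Create(handle string) error {
	if d.hasContext {
		return ErrAlreadyExists // the existing binding is left untouched
	}
	d.hasContext, d.certHandle = true, handle
	return nil
}

func (d *fakeAMT) Put(handle string) error {
	if !d.hasContext {
		return errors.New("no TLSCredentialContext to update")
	}
	d.certHandle = handle
	return nil
}

// bindCreateOnly always issues CREATE, so an existing binding is never replaced.
func bindCreateOnly(d *fakeAMT, handle string) error { return d.Create(handle) }

// bindCreateOrPut falls back to PUT when a context already exists.
func bindCreateOrPut(d *fakeAMT, handle string) error {
	err := d.Create(handle)
	if errors.Is(err, ErrAlreadyExists) {
		return d.Put(handle)
	}
	return err
}

func main() {
	d := &fakeAMT{hasContext: true, certHandle: "old-cert"} // TLS already configured
	fmt.Println(bindCreateOnly(d, "new-cert"))              // rejected by the model
	fmt.Println(bindCreateOrPut(d, "new-cert"))             // falls back to PUT
	fmt.Println(d.certHandle)
}
```

In the model, a device that already holds a context keeps `old-cert` bound after the create-only call, which is the symptom reported in step 4; the create-or-put path handles both a fresh device and one that is already configured.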

graikhel-intel commented 1 month ago

Resolved in https://github.com/open-amt-cloud-toolkit/rpc-go/pull/604