Abstract
The implemented solution uses the TPM as a security facility and streamlines the whole process, from
SCEP enrollment and renewal, which obtain the certificate and private key, through to the WPA
Supplicant using that private key to be authenticated and authorized to access a secure network via
the 802.1X protocol. Throughout this process, the administrator, who manages certificates and
configures network settings, only needs to configure the SCEP Client and the 802.1X network as normal,
plus two extra steps: setting the TPM passwords and enabling the TPM. All settings can be configured
in the local GUI, and a set of command-line tools is also provided. In a mass deployment scenario,
the actual administrative effort can be reduced further by executing the commands remotely: the
administrator can run them over a secure channel to get everything set up.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 4.0 License.
Recommended Citation
INC, HP, "METHOD OF PROTECTING MACHINE CERTIFICATES ISSUED TO LINUX CLIENTS OBTAINED BY USING SCEP PROTOCOL BY ENCRYPTING WITH A TPM DEVICE", Technical Disclosure Commons, (December 19, 2019)
https://www.tdcommons.org/dpubs_series/2796