HP Sure Recover User Guide
Start-Sleep -Seconds 3
$p = New-HPSureRecoverDeprovisionPayload `
-SigningKeyPassword $skpw `
-SigningKeyFile "$path\sk.pfx"
$p | Set-HPSecurePlatformPayload
Start-Sleep -Seconds 3
Write-host 'Deprovisioning P21'
$p = New-HPSecurePlatformDeprovisioningPayload `
-verbose `
-EndorsementKeyPassword $pw `
-EndorsementKeyFile "$Path\kek.pfx"
$p | Set-HPSecurePlatformPayload
Write-Host 'Final secure platform state:'
Get-HPSecurePlatformState
}
Generiranje vzorčnega ključa s kompletom OpenSSL
Zasebne ključe shranite na varnem mestu. Javni ključi bodo uporabljeni za preverjanje in jih je treba zagotoviti
med omogočanjem. Dolžina teh ključev mora biti 2048 bitov in morajo uporabljati eksponent 0x10001.
Zadevo v primerih zamenjajte s podatki o svoji organizaciji.
Preden nadaljujete, nastavite naslednjo spremenljivko okolja:
set OPENSSL_CONF=<path>\openssl.cnf
# Create a self-signed root CA certificate for testing
openssl req -sha256 -nodes -x509 -newkey rsa:2048 -keyout ca.key -out
ca.crt -subj
"/C=US/ST=State/L=City/O=Company/OU=Org/CN=www.example.com“
# Create a key endorsement certificate
openssl req -sha256 -nodes -newkey rsa:2048 -keyout kek.key -out kek.csr -
subj
"/C=US/ST=State/L=City/O=Company/OU=Org/CN=www.example.com“
openssl x509 -req -sha256 -in kek.csr -CA ca.crt -CAkey ca.key -
CAcreateserial -out kek.crt
14 Poglavje 4 Delo s pripomočkom HP Client Management Script Library (CMSL)