Forum Discussion
Intune certificate validation failed
We are integrating our SCEP server CA with Intune. For that, we have enrolled the Windows device with Intune and also configured the required SCEP CA and SCEP root trusted certificate profiles and the SCEP certificate profile in Intune.
When we send the certificate enrollment request to the Intune device, we get the errors below from the Windows event logs and SCEP server logs.
Logs from Microsoft > Windows > AAD
1. On-prem tgt error: On-prem configuration is missing
2. Http request status: 400. Method: GET Endpoint Uri: https://login.microsoftonline.com/2c8435c3-fda7-4565-83dc-b8b494c95da0/sidtoname Correlation ID: 50d654ef-5505-42f3-bc8d-94a67eb08d00
3. AAD Cloud AP plugin call Lookup name name from SID returned error: 0xC00485D3
Logs from Windows Logs > Application:
SCEP Certificate enrollment for Local system via http://20.4.201.252:14080/scep/intune/pkiclient.exe failed:
PkiStatus(2): SCEPDispositionFailure
FailInfo(2): SCEPFailBadRequest
EnrollStatus(256): EnrollDenied
The operation completed successfully. 0x0 (WIN32: 0)
ProcessResponseMessage
Submit(Request): OK
HTTP/1.1 200 OK
Date: Tue, 10 Oct 2023 03:36:28 GMT
Content-Length: 1792
Content-Type: application/x-pki-message
Method: POST(938ms)
Stage: ProcessResponseMessage
Unspecified error 0x80004005 (-2147467259 E_FAIL)
Logs from SCEP server as attached:
From MS Intune to SCEP: an un-expected error is encountered: {}
com.microsoft.intune.scepvalidation.IntuneClientHttpErrorException: {"error":{"code":"BadRequest","message":"{\r\n \"_version\": 3,\r\n \"Message\": \"An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: 7b042fcb-ca17-4c4d-9400-d7ee5086aae5 - Url: https://fef.msub07.manage.microsoft.com/RACerts/StatelessScepRequestValidationService/641b43b0-ffff-3841-0902-100305042160/ScepActions/validateRequest\",\r\n \"CustomApiErrorPhrase\": \"\",\r\n
\"RetryAfter\": null,\r\n \"ErrorSourceService\": \"\",\r\n \"HttpHeaders\": \"{}\"\r\n}"}}
If anyone has any pointers, please help us solve this issue.