Intune PKCS Certificate does not get installed on Client

Copper Contributor

Hi,

I am testing the deployment of a user certificate via Device Configuration Policy (Windows 10 - PKCS certificate).

 

Now, the certificate is requested, and in the logs of the CA, I see that the PKCS request was successful.

I can also see the requested certificate for the user on the Configuration Profile under "Certificates."

 

Soon, I realize that the report shows an error without an error code, and the certificate is not installed. After waiting for a couple of hours, I notice that Intune reports success, and the certificate is installed.

 

It seems that Intune retrieves the certificate very quickly, within a couple of minutes, but then cannot install it on the client immediately. Instead, it attempts installation again after a couple of hours, where it succeeds. The client remains connected to the network throughout.

 

Is this normal behavior, or am I missing something?

 

1 Reply

Hi @Davide820, from my experience it could take a while (but not hours) to get the user certificate after the user logs in to the device the first time, but it all depends on the Intune sync. Here is a good Reddit post talking about the same topic as your question: Speed up user cert delivery to laptop after Autopilot : r/Intune (reddit.com)