Сбой инициализации регистрации сертификата scep workgroup windows 10

Question

Issue: How to fix SCEP Certificate enrollment initialization failed error in Windows?

Hi, I’d like to ask/get help with the SCEP Certificate enrollment initialization failed error I randomly get throughout the day when using my computer. I’m running Windows 10.

Solved Answer

SCEP (Simple Certificate Enrollment Protocol) is an integral part of network security systems, offering a standardized way to securely issue and manage digital certificates for devices and applications. However, in certain Windows environments, users may encounter the “SCEP Certificate Enrollment Initialization Failed” error, which can disrupt normal system operations. This error often arises in gaming contexts, particularly in systems utilizing AMD GPUs. It is crucial to understand this problem, as it affects not only the gaming experience but also the overall system security.

The SCEP Certificate Enrollment Initialization Failed error is typically an indication that the SCEP client on a computer cannot initialize a session with the SCEP server for certificate enrollment. This could result from a wide range of issues, such as network connectivity problems, incorrect configuration settings, or potential bugs in software.

In the context of gaming on Windows machines equipped with AMD GPUs, this error may be triggered during the game’s demand for cryptographic services. Games often require secure connections for online play and other features, for which they rely on Windows’ cryptographic services. These services, in turn, require valid certificates to authenticate and ensure secure communication.

When the SCEP Certificate Enrollment Initialization fails, it disrupts the chain of trust, inhibiting the game from establishing a secure connection, which can lead to abrupt crashes or gameplay disturbances. This can be particularly frustrating for users as it occurs during gameplay and often without warning.

In the case of systems with AMD GPUs, the issue can be compounded due to the GPU’s unique requirements for driver and firmware updates, which also rely on secure certificate-based processes. If the SCEP client fails to initialize a certificate enrollment session, it could impact the GPU’s ability to update or communicate securely with the system, leading to performance issues and the aforementioned error during gameplay.

Therefore, resolving the SCEP Certificate Enrollment Initialization Failed error is not just crucial for uninterrupted gaming but also for maintaining the overall health and security of the system. Below we provide several methods that should help you fix the problem. Before proceeding with manual solutions, we recommend trying an automatic approach with FortectMac Washing Machine X9.

Fix 1. Update your AMD drivers

We recommend starting with updating your AMD drivers. You can do this in several ways – either employ an automatic driver updater such as DriverFix or visit AMD’s website to download them manually. Alternatively, you could also ensure that all your Windows updates are installed:

• Type Updates in Windows search and press Enter.
• Here, click Check for updates, and Windows will check if there are new updates available.
• If optional packages are offered, install them too.
• Once done, restart your PC and see if your problem is resolved.

Fix 2. Reinstall your drivers

If updating drivers did not help, you should reinstall them instead:

• Right-click on the Start button and select Device Manager from the context menu.
• Find the Display adaptors section and expand it.
• Right-click on your device and select Uninstall device. A pop-up window will appear asking if you want to confirm the uninstallation – click Yes.
• After the driver is uninstalled, restart your computer.
• After a restart, use one of the methods described above to install the latest drivers.

Fix 3. Disable XMP or other overclocking

Disabling XMP (Extreme Memory Profile) and overclocking could potentially resolve the SCEP Certificate Enrollment Initialization Failed error. XMP, a technology developed by Intel, allows your system to set memory settings, such as frequency and timings, automatically for higher performance.

However, using XMP or overclocking can sometimes lead to system instability, causing a range of issues, including the SCEP error. The instability arises because these features push hardware components beyond their factory-set limits, which might interfere with secure certificate-based processes, such as those required by SCEP.

Fix 4. Run SFC and DISM scans

Ensure that system files or the registry entries aren’t damaged by running commands in elevated Command Prompt:

• Type cmd in Windows search.
• Right-click on Command Prompt and select Run as administrator.
• Type sfc /scannow command and press Enter.
• Wait till Windows runs a check and reboot your device to see if the errors were fixed.
• If SFC was unable to repair damaged files, run the set of following commands:
  Dism /Online /Cleanup-Image /CheckHealth
  Dism /Online /Cleanup-Image /ScanHealth
  Dism /Online /Cleanup-Image /RestoreHealth
• Close down the Command Prompt and restart the PC.

Fix 5. Check hardware specifications

It was pointed out by some users that PSU was simply not powerful enough to run certain graphics cards from AMD. To check this, you would have to dig into the specifications of both your GPU and PSU. For reference, please visit the official websites of your hardware manufacturers.

Fix 6. Check your RAM

• Type Windows Memory Diagnostic in Windows search and press Enter.
• A new, small window will open.
• You can either choose to Restart now or Check for problems next time I start my computer.
• If you choose the first option, your PC will immediately restart, and the check begin.
• In the second case, you will have to restart your PC yourself to begin the check.
• You can check the results in the Event Viewer (go to Windows logs > right-click System and select Find > type in MemoryDiagnostics-Results and click OK).

Repair your Errors automatically

ugetfix.com team is trying to do its best to help users find the best solutions for eliminating their errors. If you don’t want to struggle with manual repair techniques, please use the automatic software. All recommended products have been tested and approved by our professionals. Tools that you can use to fix your error are listed bellow:

Facing Event ID 86 SCEP certificate enrollment initialization failed error can be a common issue in Windows 11/10. Known to maintain Windows event log this problem often appears when the Active Directory Certificate Services is unable to use the encryption key provider specified in the registry which can be related to the TPM, BIOS, or corrupted Windows updates or drivers.

Sometimes, the error may also cause the device to shut down or temporarily halt with a DPC_WATCHDOG_VIOLATION Blue Screen. The error message includes details such as the log name, source, and event ID. To resolve the issue, you can try running an SFC scan, turning off all the background apps, temporarily disabling the antivirus, or uninstalling a recent Windows update that may be causing the problem. Additionally, you may need to check the TPM and BIOS settings, as well as ensure that all necessary updates and drivers are properly installed and up-to-date. See: Fix Event ID 2545 microsoft-windows-devicemanagement-enterprise-diagnostics-provider.

Here is how to fix Event ID 86 SCEP Certificate enrollment initialization Failed in Windows 11 or 10:

Way-1: Use System Restore to fix the Issue

One of the easiest ways to resolve the Event ID 86 SCEP error is by running a system restore. This method is nothing but the execution of a feature that allows the restoration of system files to a previous point in time, which can help fix various issues related to software installation, update, and configuration changes.

If you encounter the Event ID 86 error after making changes to your system, such as installing new software or updates, restoring the system to a previous restore point may help fix it. Here are the steps to be followed:

1. Click the Start.
2. Type – Restore.
3. Select Create a Restore point.
4. Then click on System Restore.

1. Check the option Choose a different restore point if it is showing.
2. Click Next.
3. Select the date and time when your PC worked flawlessly, then click Next.
4. Then, click the Finish button.
5. At last, on the confirmation dialog, select Yes.

Way-2: Update Device Drivers

Device Drivers are known to link hardware components like printer, network adapter, and graphics card to a system via software. Errors like Event ID 86 might appear if your device drivers are outdated or showing inappropriate behavior.

Updating them might help to resolve such problems on Windows 11/10 and also guarantee that they are compatible with your system and up to date. Additionally, before updating your device drivers, it is recommended that you create a restore point or backup your important data to avoid any potential issues that may arise during the process. So, head to the below-mentioned steps:

1. Press Windows + R.
2. Then, type devmgmt.msc, and click OK.
3. Double click on Display adapters.
4. Right-click on one device and select – Update driver.
5. Select the option – Search automatically for drivers.

1. If this process does not help then choose – Browse my computer drivers.
2. On the next window, click on – Let me pick from a list of available drivers on my computer.
3. Select the Model and click on Next.
4. In the end, reboot the PC and check if the issue does not persist.

Go through: How to update drivers in Windows 11 (Best ways).

Way-3: Fix Event ID 86 by Removing Recent Windows Updates

If you are still facing tremendous trouble, it’s time, in your Windows 11/10 that you uninstall or remove recent Windows updates that may resolve this SCEP Certificate enrollment initialization failed issue. Event ID 86 can occur if an update is incompatible or includes some bugs. Follow these steps to remove it:

1. Click on Search.
2. Type updates.
3. Press Enter.
4. Then, click on Update history.
5. On the next page, scroll down to the bottom and click on – Uninstall updates.
6. Find the most recent update and click the Uninstall link.

1. Select “Uninstall”.

Way-4: Troubleshoot the Error with BIOS Update

Errors like Event ID 86 can be sorted or resolved by updating your BIOS (Basic Input/Output System) as it is in charge of controlling your computer’s hardware components, including communication between the operating system and the hardware. A faulty or damaged BIOS can cause a variety of problems, including the one discussed in this blog.

However, updating your BIOS can be a difficult process, so it is best to carefully follow the manufacturer’s instructions and back up your important data before attempting it. Furthermore, updating it may not always resolve the problem because there may be other underlying factors that contribute to the error.

Before we move on to the steps we need to make things very clear that the steps are designed for PCs or Laptops manufactured by HP, in case your system is manufactured by some other brand the steps may differ.

1. Go to the HP driver and software download page, choose your product from the drop-down menu, and then enter your serial number or computer model.
2. Select your operating system and version, then click Submit.
3. Click the plus (+) button next to All Drivers, then the plus (+) button next to BIOS to expand it and see available upgrades, and then click Download.
4. Double-click the downloaded exe file, then follow the on-screen directions to finish the installation.
5. Restart your computer.
6. During startup, select the Apply Update Now option.

Get help from: Windows 10 – 5 Ways To Know BIOS Version of MotherBoard.

Way-5: Try Analyzing Minidump Files

These files are another vital solution when it comes to resolving the Event ID 86 SCEP Certificate enrollment initialization failed problem on your Windows 11/10. Minidump files are nothing but short memory dump files containing information on the status of the system at the moment of a crash or error. See: WhoCrashed: A Tool to analyze Dump and reveal culprit driver on Windows.

You may be able to establish the reason for the concerned error and take suitable action to solve it by analyzing the minidump files. BlueScreenView or WinDbg may be used to inspect minidump files. Here are the general steps to be followed:

1. Navigate to the folder containing the minidump files in File Explorer (usually %SystemRoot%\MEMORY.DMP or C:\Windows\memory.dmp).
2. Configure your system to produce minidump files if the folder is empty or does not exist.
3. Analyze the minidump files using a program such as BlueScreenView or WinDbg.
4. BlueScreenView has a rather more user-friendly interface for viewing minidump files, whereas WinDbg necessitates more technical expertise.
5. After analyzing the minidump files, you may utilize the information to identify and resolve the problem.

Read: Dump File Location Windows 11 or 10.

We hope with these 5 ways you must be able to resolve this Event ID 86 issue with ease.

Methods:
Way-1: Use System Restore to fix the Issue
Way-2: Update Device Drivers
Way-3: Fix Event ID 86 by Removing Recent Windows Updates
Way-4: Troubleshoot the Error with BIOS Update
Way-5: Try Analyzing Minidump Files

That’s All!

Repair any Windows problems such as Blue/Black Screen, DLL, Exe, application, Regisrty error and quickly recover system from issues using Reimage.

• • Поделиться

Суть и описание Вашей проблемы:

Привет всем! Комп зависает на DRAM. В AIDA64 нашёл ошибку:

Сбой инициализации регистрации сертификата SCEP WORKGROUP\WIN-R75ARDLHKBL$ через https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{«Message»:»The authority \»amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\» does not exist.»}
HTTP/1.1 404 Not Found
Date: Sun, 18 Dec 2022 06:16:23 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: af253a17-e2ed-4bae-9505-8335f15311ee

Метод: GET(406ms)
Стадия: GetCACaps
Не найдено (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Как фиксить?
 

---

Когда (после чего) появилась проблема:

Появилась не понятно из-за чего, скорей всего после чистки.

---

Ваши действия по решению проблемы:

Проверял операвтику MEMTEST
 

---

Комплектующие ПК:

Материнская плата: x470 aorus ultra gamong

Процессор: r7 1700x

Оперативная память: 8gbx2 ddr4 Predator 2666

Видеокарта: Rx 590

Накопители (HDD/SDD): ssd 240+hdd 2tb

Блок питания: 650W 

Сис-ма охлаждения: Snowman

---

Операционная система: {«1″:»Windows 10»}

---

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• 21 дек
  

  Wolf изменил название на ПК зависает на DRAM. Сбой инициализации регистрации сертификата SCEP

• Автор

• • Поделиться

18 часов назад, MelRom сказал:

пробовал не помогает

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• • Поделиться

2 часа назад, 6nightmare9 сказал:

отключите(Disabled) в биосе memory fastboot

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• Автор

• • Поделиться

1 час назад, Ryzen сказал:

отключите(Disabled) в биосе memory fastboot

Тоже отключал, не особо помогло. Этот вылет вообще рандомный. Я могу два дня играть и работать, всё будет ок. Могу по 10 раз за час вылететь.

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• • Поделиться

11 часов назад, 6nightmare9 сказал:

Тоже отключал, не особо помогло. Этот вылет вообще рандомный. Я могу два дня играть и работать, всё будет ок. Могу по 10 раз за час вылететь.

Именно такое же поведение у меня было. Вылечилось откоючением memory fastboot.

Ссылка на комментарий

Поделиться на другие сайты

---

• Автор

• • Поделиться

6 часов назад, Ryzen сказал:

Именно такое же поведение у меня было. Вылечилось откоючением memory fastboot.

можешь конкретно подсказать где эта фигня, а то aorus’овском биосе не могу найти

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• • Поделиться

12 минут назад, 6nightmare9 сказал:

можешь конкретно подсказать где эта фигня, а то aorus’овском биосе не могу найти

Доброго дня. Вот тут посмотрите или здесь

Изменено 23 декабря, 2022 пользователем Std_fast

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• • Поделиться

1 минуту назад, 6nightmare9 сказал:

Стр. 16

Да и я немного ссылки поправил посмотрите еще раз их

Просто искал сам

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• Автор

• • Поделиться

35 минут назад, Std_fast сказал:

Стр. 16

Да и я немного ссылки поправил посмотрите еще раз их

Просто искал сам

Чёт в упор не вижу, можете пожалуйста показать куда смотреть?

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• • Поделиться

10 минут назад, 6nightmare9 сказал:

Чёт в упор не вижу, можете пожалуйста показать куда смотреть?

Вот в этом разделе, должно быть, проверяйте

или как вариант, если используете не advanced режим, то должно быть вот так при заходе в UEFI

Поэтому я и не люблю Gygabite из-за его хрен поймешь где найдешь — биоса, нужно весь мозг сломать, чтобы нужное найти

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• Автор

• • Поделиться

1 час назад, Std_fast сказал:

Вот в этом разделе, должно быть, проверяйте

или как вариант, если используете не advanced режим, то должно быть вот так при заходе в UEFI

Поэтому я и не люблю Gygabite из-за его хрен поймешь где найдешь — биоса, нужно весь мозг сломать, чтобы нужное найти

не помогло( только что вылетел

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• • Поделиться

В 23.12.2022 в 14:50, 6nightmare9 сказал:

можешь конкретно подсказать где эта фигня, а то aorus’овском биосе не могу найти

В биосе, настройки CPU ищи, далее AMD CBS > UMC Common Options > DDR Options > DDR Memory Features > Memory Context Restore > Disable

Комп будет включаться после этого секунд на 20 дольше, это нормально.

Отпишись по результатам

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• • Поделиться

В 23.12.2022 в 17:09, 6nightmare9 сказал:

не помогло( только что вылетел

вам посоветовали не совсем то. Фастбут обычный не имеет отношения к памяти.

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• Автор

• • Поделиться

8 минут назад, Ryzen сказал:

вам посоветовали не совсем то. Фастбут обычный не имеет отношения к памяти.

Чёь дальле не нашёл

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• • Поделиться

9 минут назад, 6nightmare9 сказал:

Чёь дальле не нашёл

хм, наверно в 470 чипсете нет такой опции.

А нет ничего связанного с memory fastboot?

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• Автор

• • Поделиться

Только что, Ryzen сказал:

хм, наверно в 470 чипсете нет такой опции.

А нет ничего связанного с memory fastboot?

сейчас пофоткаю)

5 минут назад, Ryzen сказал:

хм, наверно в 470 чипсете нет такой опции.

А нет ничего связанного с memory fastboot?

самая последняя это UMC Common->MBIST

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• Решение

• Автор
• Решение

• • Поделиться

Итого: оперативка сдохла
 

Ссылка на комментарий

Поделиться на другие сайты

---

• • Поделиться

Доброго дня. Хорошо, что решение нашлось.

• Цитата

Ссылка на комментарий

Поделиться на другие сайты

---

• • Поделиться

В 21.12.2022 в 21:36, 6nightmare9 сказал:

Комп зависает на DRAM.

14 минут назад, 6nightmare9 сказал:

Итого: оперативка сдохла

вот это поворот!

Ссылка на комментарий

Поделиться на другие сайты

---

Hello at random time the screen of my laptop goes out. After the reboot, everything works fine, until the next error. In the «event viewer» written on it. Failed to initialize registration of the workgroup pass certificate\desktop-O6P8A4U$ via https://AMD-KeyId-cece5839a5e6a5c880da8095483b1d9a45dc8a86.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{«Message»: «authority \» amd-keyid-cece5839a5e6a5c880da8095483b1d9a45dc8a86.microsoftaik.azure.net » it doesn’t exist.»}
HTTP / 1.1 404 not found
Cache-control: no-cache
Date: Wed, 29 Jan 2020 00: 36: 24 GMT
Pragma: no-cache
Content-Length: 121
Content-type: application / json; charset=utf-8
Validity period: -1
sms-request-id: 4832ed95-ae33-4aec-bd09-5697e18fdb35
Strict transport security: Max-age=31536000;includeSubDomains
X-content type-options: nosniff

Method: GET(1547ms)
Stage: Getcacaps
(404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

How do I fix this? Sorry my bad English

One of the most significant challenges that most enterprises experience when installing certificates is the smooth issuance of these certificates, especially when there are many devices to care for. Since most of these enterprises rely on MDMs such as Intune or Jamf, it is critical to properly configure the interaction between these MDMs and the Certificate Authority (CA) for effective certificate issuance.

SCEP (Simple Certificate Enrollment Protocol) is a protocol that automates this procedure by enrolling managed devices with digital certificates without requiring end-user intervention. But that’s easier said than done, you might encounter frequent SCEP Certificate Enrollment errors in the onboarding process, and we are here to assist you in resolving these errors.

Error: SCEP Certificate Enrollment Initialization for Workgroup

Before trying anything too technical, you must try implementing the following instructions from Microsoft support whenever you face some minor glitches or issues involving SCEP certificate requests.

1st Remedy

• Open the Services snap-in on the connector-installed server. To do so, open the Start menu, type msc into the search box, and then choose Services from the results list.
• Restart the Intune Connector Service from the Services snap-in.
• Check the HKLMSoftwareMicrosoftMicrosoftIntuneNDESConnector registry subkey to ensure that the registry keys were generated in the manner shown in the figure.

Source

2nd Remedy

• Open the registry on the NDES machine and look for the following subkey:

HKEY LOCAL Machine\Software\Microsoft\Cryptography\MSCEP

• Restart the server after changing the template values to the default (IPSECIntermediateOffline).
• Check the HKEY_LOCAL_Machine\Software\Microsoft\MicrosoftIntune\NDESConnector when the server restarts. The signing certificates should now be visible.
• Change the template name under HKEY_LOCAL_Machine\Software\Microsoft\Cryptography\MSCEP to the custom template name that was established for SCEP and NDES when the keys were created.

Error Caused due to TPM Upgrade

A TPM (Trusted Platform Module) is a cryptoprocessor that enhances the security of any hardware-based system by generating and securely storing cryptographic keys. It is usually located on your system’s hardware (primarily the motherboard), occasionally independent from the memory and the primary CPU.

You might also face SCEP Certificate enrollment issues while switching to Windows 11, as TPM 2.0 has been made mandatory for installing/migrating to Windows by Microsoft in their latest hardware requirements list.

There is a fair chance that this error can be resolved with the latest update of the Dev-Build in your operating system. Meanwhile, you can cross-examine all the hardware associated with the new operating system, including the latest update of the associated drivers.

It is always advisable to follow some latest guidelines to troubleshoot the TPM errors before escalating it to Microsoft Support.

• You can reset the TPM to its factory default settings and let Windows re-initialize it. This can be done by clearing all the keys from the TPM.
• If you are using TPM 2.0 and are not identified by Windows, ensure that your computer hardware has a Trusted Computing Group-compliant Unified Extensible Firmware Interface (UEFI). Also, verify that the TPM is not deactivated from the operating system in the UEFI settings.
• If you are using TPM 1.2 and Windows 10, version 1507 or 1511, or Windows 11, the TPM could well be switched off and must be reactivated, as stated in Turn on the TPM. When you restart it, Windows will re-initialize it.
• Check which TPM driver is installed on the machine if you’re attempting to set up BitLocker with the TPM. Microsoft recommends always using one of the TPM drivers provided by them that is BitLocker protected.
  • If you install a non-Microsoft TPM driver, it may prevent the default TPM driver from launching and cause BitLocker to indicate that there is no TPM on the system. Remove any non-Microsoft drivers before allowing the operating system to initialize the TPM.

Smooth SCEP Certificate Enrollment

To effectively manage the entire SCEP certificate onboarding and minimize configuration errors, your organization must be backed by a reliable PKI for certificate enrollment (and future management). Otherwise, you’ll probably end up manually installing each certificate, which may be time-consuming and error-prone like the ones we previously encountered.

The good news is that Securew2’s Cloud Managed PKI integrates with all major vendors, including Intune and Jamf. It’s also designed to work with your existing architecture, minimizing errors and avoiding costly infrastructure upgrades.

Our PKI automatically enrolls managed devices in certificate-based authentication and can issue certificates through any MDM using our efficient API Gateways. Furthermore, our user-friendly management interface enables you to address the whole certificate lifecycle by providing several certificate management features. In our management portal, you can even modify your certificates with dozens of policies, providing the perfect authentication solution for your unique needs.

The list does not end here;  we also provide industry-unique enhancements for your favorite MDMs like Intune and Jamf – our most recent upgrade is a certificate auto revocation on expiry feature. We believe in constantly upgrading ourselves in order to retain our ever-expanding consumer base. If you’re willing to broaden your cybersecurity horizons, check out our prices to learn more.

Learn about this author