Results 1 to 8 of 8
  1. #1
    ROG Member Array yvesgeiser PC Specs
    yvesgeiser PC Specs
    MotherboardAsus ROG Strix X570-E Gaming
    ProcessorAMD Ryzen 5800x
    Memory (part number)G.Skill
    Graphics Card #1AMD 6900xt Red Devil Ultimate
    Graphics Card #2MSI Suprim X RTX 3090
    CPU CoolerEKWB
    CaseLian-Li
    Keyboard K915 TKL
    Mouse G903
    OS Windows 11 Pro

    Join Date
    Oct 2020
    Reputation
    10
    Posts
    11

    TPM error - SCEP Certificate enrollment initialization failed

    Hello,

    My current pretty much new setup (AMD 5800x, ROG Strix X570-E Gaming, Samsung 980pro disk, Trident Z Ram's, Logitech periphery) throws many SCEP error messages when Windows 11 is installed.

    Those messages look like this:

    SCEP Certificate enrollment initialization for SYSTEMNAME via https://AMD-KeyId-578c545f7969514212...lates/Aik/scep failed:

    GetCACaps
    GetCACaps: Not Found
    {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoft aik.azure.net\" does not exist."}
    HTTP/1.1 404 Not Found
    Date: Mon, 10 Jan 2022 07:22:58 GMT
    Content-Length: 121
    Content-Type: application/json; charset=utf-8
    X-Content-Type-Options: nosniff
    Strict-Transport-Security: max-age=31536000;includeSubDomains
    x-ms-request-id: fce56d1f-75bd-42a2-8de4-2c5c301482c7

    Method: GET(234ms)
    Stage: GetCACaps
    Nicht gefunden (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

    Does anyone know how to solve this? I managed to enable all items and my system is absolutely up to date when it comes to drivers. The OS reports all is fine with TPM. Keys are correctly set.

    Click image for larger version. 

Name:	Security processor details.jpg 
Views:	0 
Size:	85.3 KB 
ID:	91640

  2. #2
    New ROGer Array benonikenobi PC Specs
    benonikenobi PC Specs
    MotherboardAsus ROG Crosshair VIII Dark Hero
    ProcessorAMD Ryzen 9 5900X
    Memory (part number)2x32GB Crucial Ballistix 3800cl16 (BL2K32G36C16U4B)
    Graphics Card #1Asus RTX 2070 ROG Strix Gaming OC
    MonitorAcer ProDesigner PE320QK
    Storage #1Samsung 980 PRO 1TB
    Storage #2Corsair P510 1TB + WD Blue SSD 4TB
    CPU CoolerArctic Liquid Freezer II 420 PP
    CasePhanteks Eclipse P500A
    Power SupplyCorsair RM750X V2
    Keyboard Logitech MX Keys
    Mouse Logitech MX Master 3
    OS Windows 10
    Network RouterAsus RT-AX58U

    Join Date
    Aug 2019
    Reputation
    10
    Posts
    6

    Hi!

    I had the same problem after I did a clean install of windows 11 with my 5900x and Dark hero MB. I soon had problems with intermittent random freezing, no bluescreen, everything would just freeze and I had to manually reboot. Not a hundred % sure it was due to the error but when I googled the error I found a couple of threads regarding the same thing. Tried some of the suggestions but none worked. This in combo with some other issues I had I decided to reinstalled windows 10 instead. Rock solid now.

  3. #3
    ROG Guru: White Belt Array
    Join Date
    Jan 2019
    Reputation
    68
    Posts
    75

    There is this thread here that suggests to stop a scheduled task : Search for "Task Scheduler" ->drop "Microsoft" ->drop "Windows" ->click "CertificateServiceClient" -> set the "AikCertEnrollTask" to disabled.

    That will make the event viewer message disappear.

    I have some experience with certificates and also attempted to perform the enrollment directly from the command prompt, using a copy of the certificate retrieved from Microsoft, but no joy, even with the mentioned certificate correctly installed in the TPM area it still logs that error.

    Note that the TPM is used only for SecureBoot authentication and for any BitLocker storage access, but not for the drivers certificate authentication or any other certificate.

    That missing certificate is *possibly* just a certificate with which AMD signs, or signed, certain parts of their BIOS that are accessed by the SecureBoot process at boot. But if your PC already starts successfully, it may not be needed.

    My suggestion would be to ignore the message in the event viewer, AMD or Microsoft will fix it at a certain point. Note that this message only appears if you installed/upgraded Windows 11 from a previous Windows 10 installation, it does not appear if you installed Windows 11 on a fresh partition by booting from a usb or dvd copy of the installation disk.
    Last edited by Kelutrel; 01-10-2022 at 05:36 PM.

  4. #4
    New ROGer Array benonikenobi PC Specs
    benonikenobi PC Specs
    MotherboardAsus ROG Crosshair VIII Dark Hero
    ProcessorAMD Ryzen 9 5900X
    Memory (part number)2x32GB Crucial Ballistix 3800cl16 (BL2K32G36C16U4B)
    Graphics Card #1Asus RTX 2070 ROG Strix Gaming OC
    MonitorAcer ProDesigner PE320QK
    Storage #1Samsung 980 PRO 1TB
    Storage #2Corsair P510 1TB + WD Blue SSD 4TB
    CPU CoolerArctic Liquid Freezer II 420 PP
    CasePhanteks Eclipse P500A
    Power SupplyCorsair RM750X V2
    Keyboard Logitech MX Keys
    Mouse Logitech MX Master 3
    OS Windows 10
    Network RouterAsus RT-AX58U

    Join Date
    Aug 2019
    Reputation
    10
    Posts
    6

    Quote Originally Posted by Kelutrel View Post
    There is this thread here that suggests to stop a scheduled task : Search for "Task Scheduler" ->drop "Microsoft" ->drop "Windows" ->click "CertificateServiceClient" -> set the "AikCertEnrollTask" to disabled.

    That will make the event viewer message disappear.

    I have some experience with certificates and also attempted to perform the enrollment directly from the command prompt, using a copy of the certificate retrieved from Microsoft, but no joy, even with the mentioned certificate correctly installed in the TPM area it still logs that error.

    Note that the TPM is used only for SecureBoot authentication and for any BitLocker storage access, but not for the drivers certificate authentication or any other certificate.

    That missing certificate is *possibly* just a certificate with which AMD signs, or signed, certain parts of their BIOS that are accessed by the SecureBoot process at boot. But if your PC already starts successfully, it may not be needed.

    My suggestion would be to ignore the message in the event viewer, AMD or Microsoft will fix it at a certain point. Note that this message only appears if you installed/upgraded Windows 11 from a previous Windows 10 installation, it does not appear if you installed Windows 11 on a fresh partition by booting from a usb or dvd copy of the installation disk.
    I tried exactly that and my problems still persisted, computer still freezed now and again. But, my freezing might not have had anything to do with that, even though the event was logged just before the freezing occured so I´m prety sure they were contected.

    And in my case I didnt do an upgrade from win 10. I built a brand new machine with a new nvem-drive and installed win 11 from an usb-stick

  5. #5
    ROG Guru: White Belt Array
    Join Date
    Jan 2019
    Reputation
    68
    Posts
    75

    Quote Originally Posted by benonikenobi View Post
    I tried exactly that and my problems still persisted, computer still freezed now and again. But, my freezing might not have had anything to do with that, even though the event was logged just before the freezing occured so I´m prety sure they were contected.

    And in my case I didnt do an upgrade from win 10. I built a brand new machine with a new nvem-drive and installed win 11 from an usb-stick
    There is no chance that after correctly disabling the task "AikCertEnrollTask" that specific event viewer message still appears. Your problem may be something else.
    Last edited by Kelutrel; 01-11-2022 at 09:50 AM.

  6. #6
    New ROGer Array benonikenobi PC Specs
    benonikenobi PC Specs
    MotherboardAsus ROG Crosshair VIII Dark Hero
    ProcessorAMD Ryzen 9 5900X
    Memory (part number)2x32GB Crucial Ballistix 3800cl16 (BL2K32G36C16U4B)
    Graphics Card #1Asus RTX 2070 ROG Strix Gaming OC
    MonitorAcer ProDesigner PE320QK
    Storage #1Samsung 980 PRO 1TB
    Storage #2Corsair P510 1TB + WD Blue SSD 4TB
    CPU CoolerArctic Liquid Freezer II 420 PP
    CasePhanteks Eclipse P500A
    Power SupplyCorsair RM750X V2
    Keyboard Logitech MX Keys
    Mouse Logitech MX Master 3
    OS Windows 10
    Network RouterAsus RT-AX58U

    Join Date
    Aug 2019
    Reputation
    10
    Posts
    6

    Quote Originally Posted by Kelutrel View Post
    There is no chance that after correctly disabling the task "AikCertEnrollTask" that event viewer message still appears. Your problem may be due to something else.
    Sorry, I wasnt clear after disabling the task (and it was done properly) the error didnt appear again, even though another error occured instead (cant remember what that one was though). What did persist was the freezing. What I meant was that before I disabled the task the error came just before the computer freezed so in my world the two were conected.

  7. #7
    ROG Member Array yvesgeiser PC Specs
    yvesgeiser PC Specs
    MotherboardAsus ROG Strix X570-E Gaming
    ProcessorAMD Ryzen 5800x
    Memory (part number)G.Skill
    Graphics Card #1AMD 6900xt Red Devil Ultimate
    Graphics Card #2MSI Suprim X RTX 3090
    CPU CoolerEKWB
    CaseLian-Li
    Keyboard K915 TKL
    Mouse G903
    OS Windows 11 Pro

    Join Date
    Oct 2020
    Reputation
    10
    Posts
    11

    The fact is, that many if not all owners of the current AMD line up do suffer on Windows 11 with random freezes and this particular error message. And the worst thing is, that no one either from AMD or MS do care about this.

    But finally this is not the right place to post this as this is not something that ASUS can fix. For me personally this is broken and if this remains I'll switch back to Intel... they are not perfect but I can't remember that they failed on such easy tasks like certificate exchange and random freezes.

    AMD should approach MS and fix this asap. MS doesn't have to move and Intel just smileys.. and even there is a fix in the pipe... this here is an emergency fix and not tbd sometime fix.

  8. #8
    ROG Enthusiast Array
    Join Date
    Dec 2015
    Reputation
    10
    Posts
    72

    Quote Originally Posted by Kelutrel View Post
    Note that this message only appears if you installed/upgraded Windows 11 from a previous Windows 10 installation, it does not appear if you installed Windows 11 on a fresh partition by booting from a usb or dvd copy of the installation disk.
    Every single component is my PC is less than four months old. The PCIe M.2 WD 1TB drive came from the packet and had Windows 11 Pro installed. This message appears with clean installations as well.
    AMD Ryzen R9 5900X
    ASUS ROG Strix B550-E (the worst motherboard I've owned in 25 years)
    Corsair H150i Pro XT 360mm
    32GB Corsair VENGEANGE LPX 3600MHz CL18
    EVGA RTX 3080 FTW Hybrid w/ 280mm radiator
    M.2 WD 1TB SN550 | 2 * WD Blue 1TB SATA | 2 * Toshiba N300 8TB | 400TB on a 48-bay Supermicro server
    Corsair RM850X
    Fractal Meshify 2
    Microsoft Windows 11 Pro

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •