-
×InformationNeed Windows 11 help?Check documents on compatibility, FAQs, upgrade information and available fixes.
Windows 11 Support Center. -
-
×InformationNeed Windows 11 help?Check documents on compatibility, FAQs, upgrade information and available fixes.
Windows 11 Support Center. -
- HP Community
- Desktops
- Business PCs, Workstations and Point of Sale Systems
- ThinPro Client and 802.1x

Create an account on the HP Community to personalize your profile and ask a question
03-17-2023 08:03 AM
Hi,
I have an ThinPro Client running build 7.20 build 14 service pack 10 and I'm having issues getting the wired 802.1x configuration to work when I "Enable Machine Authentication" setting. The setup is 802.1x-PEAP, PEAP version is automatic, inner authentication MSCHAPS2 with an AD username and password. The CA Certificate for the internal MS Root CA is installed on the client. Without the Machine Authentication enabled the user authentication works fine. In the SCEP Manager I have the SCEP server named listed. When I attempt to enroll I get error SCAP Enroll Result: Key Pair not match.
Looking at the certificate I have my CA root listed and there are two certificates that appear as if they should be the machine certificate the issued to name is my CA server name and -MSCEP-RA. The Cisco ISE server logs shows the client authentication failed PEAP failed SSL / TLS handshake because the client rejected the ISE Local Certificate. Not sure this is the issue as the ISE server trust our internal CA as we have Windows Domain joined PC reporting into ISE for both user and computer security using certificates issues from the MS CA server.
Any assistance would be appreciated.
I'm investigating this issue with Cisco as well.
Thank you,
Michael