TPM 2.0 Error with Every Boot

D. Miner 31 Reputation points
2020-07-19T02:01:34.827+00:00

I installed a TPM in my home computer recently. It runs Windows 10, version 2004, build 19041.388 (64-bit) using a Local Account. The motherboard is an ASUS X99 Deluxe with the latest BIOS. I have updated the Intel ME firmware to the latest version. And I have also updated the firmware on the TPM to the latest version. All these updates were successful.

According to Windows Security, the TPM is functioning properly and is ready for storage and attestation. Likewise, tpm.msc shows that the TPM is ready for use. However, with every boot I get the following error in Event Viewer. It seems to be saying that attestation with a Microsoft server is failing.

I have cleared the TPM multiple times, and it makes no difference. And I know that I can disable the task that is failing (AikCertEnrollTask), but I would really like to solve the underlying issue. Anyone have an idea? I am stumped!

CertificateServicesClient-CertEnroll: Event ID 87

SCEP Certificate enrollment for Workgroup\OfficePC$ via https://IFX-KeyId-XXXXXXXXXXX.microsoftaik.azure.net/templates/Aik/scep failed:
.....
TPM 2.0: Public and sensitive portions of an object are not cryptographically bound. 0x802800a5 (-2144862043)

--D. Miner


Accepted answer
  1. Joy Qiao 4,886 Reputation points Microsoft Employee
    2020-07-21T10:04:45.963+00:00

    Hi Miner,

    As far as I know, if we have a TPM and an EK (Endorsement Key) cert, then this AikCertEnrollTask task will be triggered to attempt to enroll for an attested AIK (Attestation Identity Key - https://www.trustedcomputinggroup.org/wp-content/uploads/IWG-AIK-CMC-enrollment-FAQ.pdf) cert from a Microsoft cloud CA. Part of the DNS name in the URL is constructed from information in the EK cert supplied by the hardware manufacturer. If the enrollment attempt is successful, and the AIK cert is not consumed by any application, the task will never be triggered again. If the attempt fails, it will be triggered with varying amounts of delay up to several times, then it will give up and never be triggered again.
    The AIK cert is placed in a pool to be made available to an application that wishes to use key attestation to make service access credentials non-portable. If the AIK key and cert are consumed by an application, then the task will be triggered again to replace the AIK key and cert in the pool.
    I think if you manually disable the task, it will not be re-enabled anymore. Try to test on your side and feed back the result to us.
    Bests,

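To check the state the accepted answer describes on your own machine (TPM and EK presence, the two scheduled tasks, and the Event ID 87 entries), the following PowerShell diagnostic is an added example, not code from the thread or from Microsoft. It assumes the stock task paths for AikCertEnrollTask and Tpm-Maintenance and that the CertEnroll provider writes Event 87 to the Application log; run it from an elevated session.

```powershell
# Added diagnostic (not from the original thread). Read-only: it changes nothing.
$ErrorActionPreference = 'Stop'

# 1. TPM readiness and whether an EK certificate is present. The accepted answer
#    says AikCertEnrollTask only fires when both a TPM and an EK cert exist.
$tpm = Get-Tpm
$ek  = Get-TpmEndorsementKeyInfo
[pscustomobject]@{
    TpmPresent   = $tpm.TpmPresent
    TpmReady     = $tpm.TpmReady
    EkPresent    = $ek.IsPresent
    EkManufCerts = @($ek.ManufacturerCertificates).Count
} | Format-List

# 2. State and last result of the two tasks discussed in the thread
#    (assumed task paths). 0x80041326 means "the task is disabled".
$tasks = @(
    @{ Path = '\Microsoft\Windows\CertificateServicesClient\'; Name = 'AikCertEnrollTask' },
    @{ Path = '\Microsoft\Windows\TPM\';                       Name = 'Tpm-Maintenance' }
)
foreach ($t in $tasks) {
    $task = Get-ScheduledTask -TaskPath $t.Path -TaskName $t.Name
    $info = $task | Get-ScheduledTaskInfo
    [pscustomobject]@{
        Task       = $t.Name
        State      = $task.State
        LastRun    = $info.LastRunTime
        LastResult = ('0x{0:X8}' -f $info.LastTaskResult)
    }
}

# 3. Recent Event ID 87 entries: pull the SCEP URL (whose host name is derived
#    from the EK cert) and the TPM error code out of the message text.
$filter = @{
    LogName      = 'Application'
    ProviderName = 'Microsoft-Windows-CertificateServicesClient-CertEnroll'   # assumed
    Id           = 87
}
Get-WinEvent -FilterHashtable $filter -MaxEvents 5 -ErrorAction SilentlyContinue |
    ForEach-Object {
        $url  = [regex]::Match($_.Message, 'https://\S+').Value
        $code = [regex]::Match($_.Message, '0x[0-9A-Fa-f]{8}').Value
        [pscustomobject]@{ Time = $_.TimeCreated; ScepUrl = $url; ErrorCode = $code }
    } | Format-Table -AutoSize
```

If section 1 shows no EK certificate, or section 3 shows a different error code than the one in the question, that narrows the cause before anything is disabled.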

4 additional answers

  1. D. Miner 31 Reputation points
    2020-07-21T18:21:23.17+00:00

    Yes, if I manually disable the AikCertEnrollTask task, then the error disappears from Event Viewer.

    I have noted that disabling AikCertEnrollTask also results in the Tpm-Maintenance task returning the following result: "The task is disabled. (0x80041326)"

    I am not aware of the need for an attested AIK on this computer (and I don't even know what Tpm-Maintenance does), so I will follow your advice to disable the task that tries to enroll the AIK certificate...and hope for the best.

    Thanks!


  2. Joy Qiao 4,886 Reputation points Microsoft Employee
    2020-07-20T03:01:31.853+00:00

    Hi Miner,

    Did you deploy, or are you trying to deploy, a SCEP certificate to a group of Windows 10 devices?

    As I noticed the certificate fails to install and Event ID 87 is logged as you posted, most of the time this shows up if the Certification Authority (CA) is missing the SMIME application policy.

    Try to run the following command to verify if SMIME policy is enabled on the CA:

    certutil -getreg policy\editflags

    You will see output similar to the following:

    EditFlags REG_DWORD = 10014e (1048910)
    EDITF_REQUESTEXTENSIONLIST -- 2
    EDITF_DISABLEEXTENSIONLIST -- 4
    EDITF_ADDOLDKEYUSAGE -- 8
    EDITF_BASICCONSTRAINTSCRITICAL -- 40 (64)
    EDITF_ENABLEAKIKEYID -- 100 (256)
    EDITF_ENABLECHASECLIENTDC -- 100000 (1048576)

    Please notice how EDITF_ENABLEDEFAULTSMIME is missing from the output shown above. This indicates that the SMIME policy is not enabled.

    To resolve this problem, run the following command on the CA to enable SMIME policy:

    certutil -setreg policy\EditFlags +EDITF_ENABLEDEFAULTSMIME

    You should see output similar to the following:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\corp-WIN2K12-CA\PolicyModules\CertificateAuthority_MicrosoftDefault.Policy\EditFlags:

    Old Value:
    EditFlags REG_DWORD = 10014e (1048910)
    EDITF_REQUESTEXTENSIONLIST -- 2
    EDITF_DISABLEEXTENSIONLIST -- 4
    EDITF_ADDOLDKEYUSAGE -- 8
    EDITF_BASICCONSTRAINTSCRITICAL -- 40 (64)
    EDITF_ENABLEAKIKEYID -- 100 (256)
    EDITF_ENABLECHASECLIENTDC -- 100000 (1048576)

    New Value:
    EditFlags REG_DWORD = 11014e (1114446)
    EDITF_REQUESTEXTENSIONLIST -- 2
    EDITF_DISABLEEXTENSIONLIST -- 4
    EDITF_ADDOLDKEYUSAGE -- 8
    EDITF_BASICCONSTRAINTSCRITICAL -- 40 (64)
    EDITF_ENABLEAKIKEYID -- 100 (256)
    EDITF_ENABLEDEFAULTSMIME -- 10000 (65536)
    EDITF_ENABLECHASECLIENTDC -- 100000 (1048576)

    CertUtil: -setreg command completed successfully.

    Restart the CertSvc service for the changes to take effect. The next time the device syncs, it will be triggered to do another SCEP enrollment and this time succeed.

    Bests,


  3. D. Miner 31 Reputation points
    2020-07-20T03:49:12.22+00:00

    Thank you for responding! This is a stand-alone computer. It is not connected to any domain, and there is no CA on my side to configure. The failed certificate is generated by a default task in Windows 10 Pro: AikCertEnrollTask. I had assumed that the OS is trying to verify that the TPM is authentic by phoning home to a Microsoft server. The attestation fails with Event ID 87.


  4. Dan Hot 36 Reputation points
    2021-11-01T13:04:39.727+00:00

    I deleted AikCertEnrollTask to test and the bug is gone. I exported the task for backup, but can't import it back.
    Nice work MS NOT!!!
