none
bitlocker network unlock certificate error RRS feed

  • Question

  • I am testing bitlocker network unlock on a Windows Surface 3. When I power it on, I see the DHCP request sent to the WDS server (2012 R2), but there is no response. On the WSD server Deployment-Services-Diagnostics debug log I see this message:

    [WDSServer/WDSPXE/NKPPROV] Could not find configuration by thumbprint. Certificate thumbprint = 42A450BEEA28E264663FF46734C93171F72E1ACD.

    When I look in the certificate store on the server, I see the with this thumbprint:

    ‎42 a4 50 be ea 28 e2 64 66 3f f4 67 34 c9 31 71 f7 2e 1a cd

    so I do not understand why it is not working.

    

    Thursday, September 17, 2015 8:12 PM

Answers

  • I missed this step. After entering this command it worked.

    certutil -f -addstore FVENKP BitLocker-NetworkUnlock.cer

    Thursday, October 8, 2015 1:54 PM

All replies

  • I seen this issue because the surface MAC deduplicate, that's odd but is root cause reason, may you can got help start there

    http://answers.microsoft.com/en-us/surface/forum/surf3?tab=Threads

    Tuesday, September 22, 2015 6:39 AM
  • I missed this step. After entering this command it worked.

    certutil -f -addstore FVENKP BitLocker-NetworkUnlock.cer

    Thursday, October 8, 2015 1:54 PM
  • Thank you very much for this post!

    Why dont they mention this here?

    https://technet.microsoft.com/en-us/library/jj574173.aspx

    Friday, November 6, 2015 3:29 PM
  • I found it here:

    http://download.microsoft.com/download/F/4/1/F41E0BFA-8F1B-44E3-91F0-8AF84908DCC7/Understand_and_Troubleshoot_BitLocker_in_Windows_Server_8_Beta.docx

    So it was in the 'Beta' document but left out of the latest one.

    Friday, November 6, 2015 3:36 PM
  • Hi,

    I was wondering if anyone could send me a link to this as its been pulled and I can't get network unlock to work at all.

    Banging my head against the wall as I have followed the TechNet article and nothing seems to work. Everything is where it should be and the certs all correspond, I have both desktops and Surfaces in my domain and it's not working for any, if someone could assist with something other than the troubleshooting of the TechNet that would be great.

    thanks.

    Friday, February 9, 2018 1:24 PM
  • Thank you mate.  Works like a charm ^^
    Thursday, August 8, 2019 9:29 AM