This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 11%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Hello,
I am following this guide to set up always on VPN: https://www.youtube.com/watch?v=aZ-thDAfuBM
When I get to the step at 1:04:30, I noticed that the user certificate had not been issued to my test machine despite adding my user to the correct VPN users group. I also confirmed that VPN computer certs, NPS server certs, and VPN server certs are being issued correctly but the user cert never makes it to my machine. Is there something I am missing?
In fact, when I go to our internal CA I see that the cert was created but never made it to my machine.
Can you describe your configuration and policy settings? How did you configure user certificate autoenrollment?
It turns out I was looking in the wrong place. Here is the answer:
You must look in the "Certificates - Current User" snap-in, not the local computer certificates for user-based certificates.
Hello @Brian S
Most likely it is a failure or misconfiguration in the policies for autoenrollment of the device. I would recommend to check the next article to set up the GPOs
Hope this helps with your query,
---------
--If the reply is helpful, please Upvote and Accept as answer--
Hello, thank you for your answer but it turns out I was looking in the wrong place. For anyone wondering, you must look in the "Certificates - Current User" snap-in, not the local computer certificates.