We recently identified and resolved a SCEP service issue that impacted a subset of customers using Microsoft Intune. The issue was triggered after a library upgrade introduced stricter enforcement of certificate standards, in line with RFC 5280, Section 4.2.1.1.
Specifically, the updated library began rejecting certificate requests where the Authority Key Identifier extension was incorrectly marked as critical, a violation of the RFC, but a configuration sometimes present in temporary certificates generated by Intune.
We’re taking additional steps to improve visibility into similar edge cases going forward. If you have questions or continue to experience issues, please contact our support team.