The problem of 802.1x certificate authentication failure using the built-in client in Win 11

None

The problem of 802.1x certificate authentication failure using the built-in client in Win 11.

The Win 11 system uses its own client for 802.1x certificate authentication (including TLS and PEAP-MSchapv2), and reports an E63505 certificate authentication error. After capturing the Win11 EAP-PEAP authentication packet, it was found that in the early stage of the EAP authentication process, the server requested the identity, the client responded, and the exchange verification method process was normal. After the server sent the Server Hello exchange key, the Win11 system returned a reject authentication message. Therefore, it was determined that the problem was in the EAP authentication verification stage of the official version of Win11. According to the log collection tool provided by Microsoft, client authentication logs for the Win10 system, the official version of Win11 system, and the preview version of Win11 were collected. Microsoft identified temporary avoidance measures based on log analysis.

1)      Computer side execution script, please refer to the attachment for details.

2)      Install iNode client for authentication.