Microsoft recently announced support for strong certificate mapping for certificates Intune PKCS and SCEP certificates. Administrators are encouraged to update their Intune Certificate Connector servers and SCEP device configuration policies to support this capability as soon as possible.
PKCS
Organizations that use PKCS device configuration policies to deploy certificates to Intune-managed endpoints may have encountered the following error message in the event log on the Intune Certificate Connector server.
System.NullReferenceException: CertEnroll::CX509Extension::Initialize: Invalid pointer 0x80004003 (-2147467261 E_POINTER) at CERTENROLLLib.IX509Extension.Initialize(CObjectId pObjectId, EncodingType Encoding, String strEncodedData)
Known Issue
The above error is a known issue that has been resolved with the November security updates. If you encounter this error, install the latest Microsoft security update from November 2024.
Additional Information
Strong Certificate Mapping for Intune PKCS and SCEP Certificates