I have an non domain-joined machine using CEP/CES to request certificates (which is working fine) and when I try to enroll on behalf of another user I get a dialog asking me to select my enrollment agent certificate but no certificates are listed.
I do have the enrollment agent certificate loaded in my personal store and the EKU does containCertificate Request Agent (1.3.1.4.1.311.20.2.1). I have deleted and re-enrolled this cert several times and I’ve tried using the computer version of it with the same results. Currently I am using the out-of-the-box template of the user enrollment agent but I have tried different variations of the template.
I have seen a few other posts regarding similar issues but those either don't apply to my problem or don't contain a resolution so I'm reaching out to you guys for a point in the right direction.
Thanks!!