Troubleshoot Secure Access Error "Posture Registration Failure. Endpoint Lacks Hardware Security. Please Contact Support if the Error Persists."

Available Languages

Download Options

  • PDF     (111.8 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (192.3 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (99.5 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:November 8, 2023
Document ID:221184

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes missing hardware requirements on Mac devices that cause Secure Access ZTNA enrollment failure. 

    Problem

    When attempting to enroll ZTNA, the posture error is displayed within Cisco Secure Client: "Posture Registration Failure. Endpoint Lacks Hardware Security. Please Contact Support if the Error Persists."

    Posture Registration Failure

    Solution

    The end device is not supported due to failing to meet the Secure Enclave (Mac) enabled requirement.

    Cause

    For the ZTNA module to be installed and enrolled, there is a requirement for Duo Desktop (Device Health) to be installed and running within the end device. If the end device does not support Secure Enclave, the ZTNA enrollment fails.

    Additional Information

    Supporting logs can be viewed to confirm:

    •  Dart Bundle:
      ~/Cisco Secure Client/ Zero Trust Access/Logs/ZeroTrustAccess.log
    2023-10-30 10:00:00.0000000x10eb     Error       0x0                  543    0    csc_zta_agent: [com.cisco.secureclient.zta:csc_zta_agent] E/ SSEZtnaEnroller.cpp:1429 OnEnrollmentConcluded() DHA enrollment has failed: NoHardwareSecurityFailure
    •  Duo Desktop:
      ~/Library/Logs/Duo Device Health/*.log
    2023/10/20 10:00:00:000  Secure Enclave is not supported on this device.

    Related Information

    Revision History

    Revision Publish Date Comments
    1.0
    08-Nov-2023
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    • Akieba Alexander
      TAC
    • Fuad Al Asouli
      TAC

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products