Hi,
Please see this:
Then open the tab "Optional Components" and ad Microsoft .NET (WinPE-Dot3Svc)
This integrates the 802.1x Service into the Boot Image.
You have then to activate it during the task Sequence by a package that does basically the following:
REM Import personal/Machine Certificate
certutil -p password -importPFX cert.pfx
 
REM Importiere Root Zertifikat...
certutil.exe -addstore root CETRIFICATE.cer
 
Rem Start The Network Service and set it to automatic restart
sc config Dot3svc start= auto
net start Dot3svc
 
REM Import Networkprofile that was exported from a running win7/8 system
netsh lan add profile filename=NetProfile.xml
If Win 8.1 and Win PE5.0 can not successfully connect via EAP-TLS if the Zertificate of the Radius Server does not have a CDP Extension.
We need a workaround:
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RasMan\PPP\EAP\13
ValueName: NoRevocationCheck
Type: REG_DWORD
Value: 1
Hope it's helpful.
Regards,
George Zhao
TechNet Community Support