Issue:

Cannot issue Client Certificates;

Steps:
Login to OMS, make sure:

• The pricing band is added for the customer for custom client certificates,
• Allow Custom Client Certs? set to YES (If not you need to contact an SE)

Login to SCM:

• Edit the organization in question
• Scroll to client certificates, check Allow Client certificate
• Click certificate types, and add the client certificate (High Personal Validated Certificate)
• In Web enrollment Type, select Invitation
• In Authentication, Select Client, to enable Client certificate 2FA

Now in order for the customer to start requesting client certificate they need to initialize encryption, in the master level, and organization level,