diff --git a/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java b/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java
index 8beb735d..72a5f823 100644
--- a/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java
+++ b/HIRS_AttestationCA/src/main/java/hirs/attestationca/AbstractAttestationCertificateAuthority.java
@@ -460,8 +460,8 @@ public abstract class AbstractAttestationCertificateAuthority
 ProvisionerTpm2.IdentityClaimResponse response = ProvisionerTpm2.IdentityClaimResponse.newBuilder() .setCredentialBlob(blobStr).setPcrMask(pcrQuoteMask)
+ .setStatus(ProvisionerTpm2.ResponseStatus.PASS)
 .build();
-
 return response.toByteArray();
 } else {
 LOG.error("Supply chain validation did not succeed. Result is: "
@@ -470,6 +470,7 @@ public abstract class AbstractAttestationCertificateAuthority
 ProvisionerTpm2.IdentityClaimResponse response = ProvisionerTpm2.IdentityClaimResponse.newBuilder() .setCredentialBlob(blobStr)
+ .setStatus(ProvisionerTpm2.ResponseStatus.FAIL)
 .build();
 return response.toByteArray();
 }
@@ -640,6 +641,7 @@ public abstract class AbstractAttestationCertificateAuthority
 .copyFrom(derEncodedAttestationCertificate);
 ProvisionerTpm2.CertificateResponse response = ProvisionerTpm2.CertificateResponse .newBuilder().setCertificate(certificateBytes)
+ .setStatus(ProvisionerTpm2.ResponseStatus.PASS)
 .build();
 saveAttestationCertificate(derEncodedAttestationCertificate, endorsementCredential,
@@ -651,7 +653,9 @@ public abstract class AbstractAttestationCertificateAuthority
 + "Firmware Quote Validation failed. Result is: " + validationResult);
 ProvisionerTpm2.CertificateResponse response = ProvisionerTpm2.CertificateResponse
- .newBuilder().setCertificate(ByteString.EMPTY).build();
+ .newBuilder()
+ .setStatus(ProvisionerTpm2.ResponseStatus.FAIL)
+ .build();
 return response.toByteArray();
 }
 } else {
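Review bot: The FAIL branch of the identity-claim response (hunk at -470) still calls `.setCredentialBlob(blobStr)`, so a client that ignores `status` — including any older provisioner that only checks `has_credential_blob()` — still receives a blob after supply-chain validation has failed. Now that `credential_blob` is optional in the proto, the failure response can omit it: drop `.setCredentialBlob(blobStr)` and build with only `.setStatus(ProvisionerTpm2.ResponseStatus.FAIL)`. What `blobStr` holds on this path is assigned above the hunk and is not visible here; even if it is already an empty placeholder, omitting the field makes a failure response impossible to mistake for a credential. The enclosing method starts and ends outside the hunk.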
diff --git a/HIRS_ProvisionerTPM2/src/ProvisionerTpm2.proto b/HIRS_ProvisionerTPM2/src/ProvisionerTpm2.proto
index fdf30985..71996560 100644
--- a/HIRS_ProvisionerTPM2/src/ProvisionerTpm2.proto
+++ b/HIRS_ProvisionerTPM2/src/ProvisionerTpm2.proto
@@ -77,9 +77,15 @@ message TpmQuote {
 required string success = 1;
 }
+enum ResponseStatus {
+ PASS = 0;
+ FAIL = 1;
+}
+
 message IdentityClaimResponse {
- required bytes credential_blob = 1;
+ optional bytes credential_blob = 1;
 optional string pcr_mask = 2;
+ optional ResponseStatus status = 3 [default = FAIL];
 }
 message CertificateRequest {
@@ -88,6 +94,7 @@ message CertificateRequest {
 }
 message CertificateResponse {
- required bytes certificate = 1;
+ optional bytes certificate = 1;
+ optional ResponseStatus status = 2 [default = FAIL];
 }
diff --git a/HIRS_ProvisionerTPM2/src/RestfulClientProvisioner.cpp b/HIRS_ProvisionerTPM2/src/RestfulClientProvisioner.cpp
index 1f77c53f..87102cb3 100644
--- a/HIRS_ProvisionerTPM2/src/RestfulClientProvisioner.cpp
+++ b/HIRS_ProvisionerTPM2/src/RestfulClientProvisioner.cpp
@@ -144,7 +144,8 @@ string RestfulClientProvisioner::sendAttestationCertificateRequest(
 }
 // Return the public attestation certificate
- return response.certificate();
+// return response.certificate();
+ return response.SerializeAsString();
 } else {
 stringstream errormsg;
diff --git a/HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp b/HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp
index 2f5aea23..7a618476 100644
--- a/HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp
+++ b/HIRS_ProvisionerTPM2/src/TPM2_Provisioner.cpp
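Review bot: `ResponseStatus` assigns the zero value to `PASS`, which is what any consumer decodes for an unset or zero-initialised field unless it both checks presence and honours the `[default = FAIL]` annotation; a future proto3 consumer, or generated code that reads the raw integer, would turn "absent" into a pass. Because this field gates provisioning, number it fail-closed: `FAIL = 0;` `PASS = 1;` (or add an explicit `UNKNOWN = 0`), keeping the `[default = FAIL]` annotations on both messages. Renumbering is only safe because the enum is introduced in this commit, so it should be done before the wire format ships. A one-line comment above the enum, `// Any value other than PASS must be treated as a failed provisioning step.`, would document the intended semantics for client authors.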
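Review bot: `sendAttestationCertificateRequest` now returns the re-serialised `CertificateResponse` instead of the certificate bytes, but the dead `// return response.certificate();` is left in place and the comment above it still reads "Return the public attestation certificate". Delete the commented-out line and change the comment to `// Return the serialized CertificateResponse; callers must parse it and read certificate() and status()`. The function's declaration and any header doc comment (outside this hunk) describe the old contract and need the same update, since the return type is still `string` and nothing at a call site signals that the payload is now a protobuf wrapper rather than DER. The function begins before the hunk and its `else` error branch is only partially visible.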
@@ -144,7 +144,21 @@ int provision() {
 string response = provisioner.sendIdentityClaim(identityClaim);
 hirs::pb::IdentityClaimResponse icr;
- if (!icr.ParseFromString(response) || !icr.has_credential_blob()) {
+ if (!icr.ParseFromString(response) || !icr.has_status()) {
+ logger.error("The ACA did not send a provisioning status.");
+ cout << "----> Provisioning failed." << endl;
+ cout << "Please refer to the Attestation CA for details." << endl;
+ return 0;
+ }
+
+ if (icr.status() == hirs::pb::ResponseStatus::FAIL) {
+ logger.error("The ACA responded with a FAIL status.");
+ cout << "----> Provisioning failed." << endl;
+ cout << "Please refer to the Attestation CA for details." << endl;
+ return 0;
+ }
+
+ if (!icr.has_credential_blob()) {
 logger.error("The ACA did not send make credential blob.");
 cout << "----> Provisioning failed." << endl;
 cout << "The ACA did not send make credential information." << endl;
@@ -183,6 +197,15 @@ int provision() {
 const string& akCertificateByteString = provisioner.sendAttestationCertificateRequest(certificateRequest);
+ hirs::pb::CertificateResponse cr;
+ if (!cr.ParseFromString(akCertificateByteString) && cr.has_status()) {
+ if (cr.status() == hirs::pb::ResponseStatus::FAIL) {
+ cout << "----> Provisioning the quote failed.";
+ cout << "Please refer to the Attestation CA for details." << endl;
+ return 0;
+ }
+ }
+
 if (akCertificateByteString == "") {
 cout << "----> Provisioning the quote failed.";
 cout << "Please refer to the Attestation CA for details." << endl;
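Review bot: The status gate `if (icr.status() == hirs::pb::ResponseStatus::FAIL)` rejects only that one enum value; with `PASS` numbered 0 in the proto, any other value (an enum member added by a newer ACA, or a decoding oddity) falls through to the credential path. Invert it to fail closed: `if (icr.status() != hirs::pb::ResponseStatus::PASS) {` and word the log line accordingly. The three new failure branches all `return 0` from `provision()`, matching the pre-existing failure path visible in the context lines, so the exit status presumably does not distinguish a rejected claim from success — worth a follow-up for anyone scripting the provisioner. `provision()` starts before the hunk and continues after it.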
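Review bot: The new check `if (!cr.ParseFromString(akCertificateByteString) && cr.has_status())` is inverted: the status is only examined when parsing fails, so a well-formed FAIL response parses cleanly, skips the block, passes the `== ""` test below and proceeds as though a certificate had been issued. The condition should reject on parse failure, missing status, non-PASS status, or a missing/empty certificate. Since `sendAttestationCertificateRequest` now returns the serialised `CertificateResponse` rather than the certificate, the code after this hunk (not visible here) that presumably stores `akCertificateByteString` as the AK certificate should consume `cr.certificate()` instead, otherwise the protobuf wrapper is written where DER is expected. The added `"----> Provisioning the quote failed."` line also lacks `<< endl`, so the two messages run together on one line; `provision()` continues beyond the hunk.
```cpp
    hirs::pb::CertificateResponse cr;
    if (!cr.ParseFromString(akCertificateByteString) || !cr.has_status()
            || cr.status() != hirs::pb::ResponseStatus::PASS
            || !cr.has_certificate() || cr.certificate().empty()) {
        cout << "----> Provisioning the quote failed." << endl;
        cout << "Please refer to the Attestation CA for details." << endl;
        return 0;
    }
    const string& akCertificate = cr.certificate();
    // … unchanged: subsequent handling, which should use akCertificate rather than akCertificateByteString …
```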