Wireless Certificate SChannel error (The certificate received from the remote server has either expired or is not yet valid)
Posted on 2011-02-28
We recently renewed both the Root and intermediate CA servers certifcates in the organization. This was done successfully.
For client PC's to access our wireless network we use certificates (WPA2 / AES). These certificates are auto generated upon request from the client PC. These requests are carried out by the intermediate CA. Now when the PC's try to authenticate to use the wireless network the computer gets the following error:
Event ID: 36881
Description: The Certificate received from the remote server has either expired or is not yet valid. The SSL connection request has failed. The attached data contains the server certificate.
So far I've done the following on Client PC:
1) Via Certificate MMC (Both Personal and Local Computer) removed old / expired root and intermediate certificates
2) Removed all cached ssl certificates out of IE (Tools>Internet Options>Contents Tab>Certificates>.
After this I still can't get these on Wireless. I have other devices on our network working fine with wifi, for example iPhone authenicating the same way. This is why I think there is somethng cached on the local PC's. The PC's in my environment are Windows XP and Windows 7.
One thing to Note: I'm not sure if this has anything to do with this issue, when on the Intermediate CA Server in the Certificate Authority MMC, when I right click the server name and go to properties, I noticed in the General Tab the the expired certificate is "Certificate #0 (expired)" is first and Certificate #1 is beneath it. I tried to remove the old certificate from here by removing it from "Certificate MMC", however once I restart the Certificate Authority service, this old certificate gets put back in the database. Is there a way to remove the old certificate?
Assistance is needed. I've been researching this for a few hours and haven't found the fix yet.