https://community.cisco.com/t5/network-access-control/windows-7-cannot-present-a-valid-cert-when-an-invalid-cert-is/m-p/3486914#M535694 <HTML><HEAD></HEAD><BODY><P>Thanks for the update. I hope you opened a ticket with Microsoft.</P><P></P><P>Were the certificates issued by a Microsoft Windows Enterprise CA and then renew using the cert renewal wizard? I am wondering why it did not clean up the expired certificates.</P></BODY></HTML> Fri, 30 Jun 2017 14:46:22 GMT hslai 2017-06-30T14:46:22Z https://community.cisco.com/t5/network-access-control/windows-7-cannot-present-a-valid-cert-when-an-invalid-cert-is/m-p/3486911#M535685 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>I testing machine authentication using EAP-TLS and certificate expiry. It seems that when an invalid cert is present in the machine store the machine is failing authentication and cannot present even the valid certificate.</P><P>This has been described by Microsoft at </P><P></P><P><A href="https://support.microsoft.com/en-us/help/2769121/802.1x-authentication-fails-on-a-windows-7-based-or-windows-2008-r2-based-computer-that-has-multiple-certificates">https://support.microsoft.com/en-us/help/2769121/802.1x-authentication-fails-on-a-windows-7-based-or-windows-2008-r2-based-computer-that-has-multiple-certificates</A></P><P></P><P>Has anyone faced the same issue. </P></BODY></HTML> Mon, 05 Jun 2017 14:58:17 GMT https://community.cisco.com/t5/network-access-control/windows-7-cannot-present-a-valid-cert-when-an-invalid-cert-is/m-p/3486911#M535685 umahar 2017-06-05T14:58:17Z https://community.cisco.com/t5/network-access-control/windows-7-cannot-present-a-valid-cert-when-an-invalid-cert-is/m-p/3486912#M535688 <HTML><HEAD></HEAD><BODY><P>Is the Microsoft hot fix not helping??</P></BODY></HTML> Wed, 28 Jun 2017 22:46:18 GMT https://community.cisco.com/t5/network-access-control/windows-7-cannot-present-a-valid-cert-when-an-invalid-cert-is/m-p/3486912#M535688 hslai 2017-06-28T22:46:18Z https://community.cisco.com/t5/network-access-control/windows-7-cannot-present-a-valid-cert-when-an-invalid-cert-is/m-p/3486913#M535691 <HTML><HEAD></HEAD><BODY><P>It din't help at first but after running Windows update multiple times it worked on Wireless but Wired still gave problems.</P></BODY></HTML> Fri, 30 Jun 2017 14:33:24 GMT https://community.cisco.com/t5/network-access-control/windows-7-cannot-present-a-valid-cert-when-an-invalid-cert-is/m-p/3486913#M535691 umahar 2017-06-30T14:33:24Z https://community.cisco.com/t5/network-access-control/windows-7-cannot-present-a-valid-cert-when-an-invalid-cert-is/m-p/3486914#M535694 <HTML><HEAD></HEAD><BODY><P>Thanks for the update. I hope you opened a ticket with Microsoft.</P><P></P><P>Were the certificates issued by a Microsoft Windows Enterprise CA and then renew using the cert renewal wizard? I am wondering why it did not clean up the expired certificates.</P></BODY></HTML> Fri, 30 Jun 2017 14:46:22 GMT https://community.cisco.com/t5/network-access-control/windows-7-cannot-present-a-valid-cert-when-an-invalid-cert-is/m-p/3486914#M535694 hslai 2017-06-30T14:46:22Z https://community.cisco.com/t5/network-access-control/windows-7-cannot-present-a-valid-cert-when-an-invalid-cert-is/m-p/3486915#M535696 <HTML><HEAD></HEAD><BODY><P>This was part of testing for BYOD environment so Microsoft Windows Enterprise CA was not involved.</P><P>ISE NSP does not clean up the expired certificate. </P></BODY></HTML> Fri, 14 Jul 2017 19:00:42 GMT https://community.cisco.com/t5/network-access-control/windows-7-cannot-present-a-valid-cert-when-an-invalid-cert-is/m-p/3486915#M535696 umahar 2017-07-14T19:00:42Z