We have setup Wireless certificate authentication using ACS 5.3. It uses a stand alone certificate chain and all certificates were installed and correctly setup on the ACS. We have rules setup that look for a specific common name in the User personal certificate(not AD). When we deploy the certificates to a Windows 7 client and connect to the specified SSID, it connects successfully and the log states that it authenticated using the Common name of the certificate using X509_PKI.
We have problems when the same certificates are deployed to a Windows 8 client, as it then states that the connection failed using EAP-TLS authentication Method. The error says "12519 EAP-TLS failed SSL/TLS handshake because of an unsupported certificate in the client certificate chain", but how can this be when we are setting up the windows 8 client in exactly the same way as the windows 7 client, certificates and wifi profiles match exactly.