Sorry to dig up an old thread, but the 'Authentication certificate rejected locally' is something we can't get over @howon. I verified by going to the chrome://settings/certificates and seeing the EAP certificate in Others. Plus I even added our corp...