Symptom
-- BYOD SPW provisions the immediate intermediate cert of the ISE ID Cert as a the trusted cert under "Validate Server Cert" and not the Root Certificate During NSP.
-- This happens when the ISE ID Cert is generated by a Multi-Level CA Authority.
-- As a Result of this behavior we get a Warning Message Pop up on Win 7 Machines as follows.
"The Credentials Provided by the server could not be validated. We recommend that you terminate the connection and contact your administrator with information in the details. You may still connect but doing so exposes you to security risk by possible rogue server"
Details
Radius Server :
Root CA:
The server presented a valid Certificate issued by , but is not configured as a valid trust anchor for this profile.
THis issue is not seen with apple Devices.
Conditions
-- ID Cert of ISE is Generated by a Multi-level CA authority.
-- ISE is configured for Wired or Wireless Native Supplicant Provisioning BYOD Deployment.
Workaround
-- No Workaround as of now.
Further Problem Description:
