I have a FIMCM 2010 server which is served by a PKI consisting of Root, Policy and Issuing CA servers. I have just renewed the CA certificate on the Issuing CA server (using same private key) and AD Group policy has pushed the new CA certificate out to the certificate stores of the hosts in my domain.
My problem is that now my smartcard users are unable to enrol for a certificate - they get the error "A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider - 0x800B0112". Can anyone tell why the FIM client is unable to trust the CA cert even though it is installed on the client pc ?
Thanks