Sunday, May 8, 2016

Cisco ISE: 11514 Unexpectedly received empty TLS message; treating as a rejection by the client error

Without warning, my Cisco ISE installation at a client's site stopped working. It started with a call from the client complaining that he couldn't connect to the wireless network. Luckily, the wired network was still in open authentication mode, so PCs only showed an "unauthenticated" status on the NIC but could still connect. Wi-Fi was more restrictive, for the obvious reason that wireless networks are inherently less secure; even in a POC or lab setup I would never compromise on wireless security.

This got me cracking my head trying to figure out where the issue was. I even went through the AD Group Policy configuration and redid it. A bit of googling pointed me to an issue with EAP authentication, specifically with what the clients are being presented with. After further research I went back to the ISE and discovered that, without any warning, the ISE CA-signed certificates had expired.

FYI, it's possible to configure ISE to send alerts/notifications when the ISE certificate is about to expire; this will save you the agony I just went through. Anyway, to cut a long story short, I redid the CSR, went to the CA server, generated a new CA-signed certificate for the ISE and boom, we were up and running.

Useful link that helped me: http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116977-technote-ise-cert-00.html

Hope no soul out there experiences this simple-to-resolve issue.
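As an added example (not from the original post or from Cisco), here is the kind of expiry check you can run against the EAP-TLS server certificate ISE presents to supplicants, so the failure above is caught before clients start getting rejected. It assumes openssl is on PATH; the certificates it generates are throwaway self-signed samples, and in practice you would point it at the exported ISE system certificate.

```shell
#!/bin/sh
# Added example (not from the original post): warn when a PEM certificate
# expires within N days, using openssl's -checkend. Assumes openssl on PATH.

# Print the notAfter date of a PEM certificate.
cert_end_date() {
    openssl x509 -in "$1" -noout -enddate | sed 's/^notAfter=//'
}

# Print OK if the certificate is still valid $2 days from now, EXPIRING otherwise.
# -checkend exits 0 only when the cert will still be valid after that many seconds.
cert_check_expiry() {
    _file=$1
    _days=${2:-30}
    if openssl x509 -in "$_file" -noout -checkend $(( _days * 86400 )) >/dev/null; then
        echo OK
    else
        echo EXPIRING
    fi
}

# Constructed sample certificates (self-signed, throwaway) for the demo:
# one that expires tomorrow, one that is good for a year.
WORK=$(mktemp -d)
openssl req -x509 -newkey rsa:2048 -nodes -keyout "$WORK/short.key" \
    -out "$WORK/short.pem" -days 1 -subj "/CN=ise.example.invalid" 2>/dev/null
openssl req -x509 -newkey rsa:2048 -nodes -keyout "$WORK/long.key" \
    -out "$WORK/long.pem" -days 365 -subj "/CN=ise.example.invalid" 2>/dev/null

# A 30-day warning window is a reasonable default for a CA-signed server cert.
for f in short long; do
    printf '%s: notAfter=%s -> %s\n' "$f" "$(cert_end_date "$WORK/$f.pem")" \
        "$(cert_check_expiry "$WORK/$f.pem" 30)"
done
```

Run it from cron against the real certificate and alert on any EXPIRING line.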
