go to "Manage Wireless Networks"right click a wireless connection -> propertiesgo to the "Security" tabclick "Settings" right beside the "Choose a network authentication method" (here I choose Microsoft: Smart Card or other cerfiticate..)Then, here you can see the checkbox I mentioned, "Use simple certificate seclection (Recommended)". I wanna to know what does "Use simple certificate seclection (Recommended)" mean? what's the criterion for it? If i have several certificate on my computer, how will the system choose a certificate under such condition? thanks!

http://technet.microsoft.com/en-us/library/dd469748(WS.10).aspx I found the link above where did give me the meaning of this checkbox, but still I don't understand how does it work? [Simplifies certificate selection for the user by grouping certificates with the same subject and selecting the most recently issued certificate in each group. If only one group exists, then the most recent certificate in this group is automatically selected for authentication.] What do the words User and grouping mean here? Does the user mean for user certificate? What does the "grouping" mean? How to group? Where can I see the group? thanks!

Hi, From this document, we can see: “Use simple certificate selection This check box enables and disables simple certificate selection. When enabled, Windows attempts to simplify the list of certificates with which the user is prompted for selection. The certificates that are usable for EAP-TLS authentication are grouped by the entity that was issued the certificate based on the Subject Alternative Name and Subject fields of the certificates. The most recently issued certificate from each group is used to create the list that is presented to the user. Simple certificate selection is only used when Use a certificate on this computer is selected. When Use a certificate on this computer is selected, simple certificate selection is enabled by default.” IEEE 802.1X Authentication for Wireless Connections Hope this helps. Thanks. Nicholas Li - MSFT

thanks Nicholas, I have a question here. Suppose that there are two most recently issued certificates from two seprate entity (you can also understand it as there are two groups, or two different Subject Alternative Name), which meas now Windows need to select one certificate for my wireless EAP-TLS connection, which one would Windows choose ?

Hi, Based on my research and understanding, if there have two different certificates, it will determine which one fits the requirements of 802.1X authentication; if both of them are qualified, it will choose one randomly. In addition, I would like to share the following with you for your reference: Understanding 802.1X authentication for wireless networks Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS Thanks. Nicholas Li - MSFT

thanks for your help Nicholas.

Based on my understanding, if two certificates qualify for 802.1X authentication, then the most recently issued certificate will be selected.