You try to connect to a DirectAccess server by using One-Time Password Certificate Enrollment (OTPCE) protocol authentication through an HTTPS connection on a Windows RT 8.1 or Windows 8.1-based computer. In this situation, you encounter one of the following issues:
You receive an HTTP 403 error message from the DirectAccess server as a response to the certificate-signing request.
You receive a 0x80040001 error message after you enter the one-time password (OTP).
This issue occurs when the client computer certificate is renewed. Before the client-side computer implements OTPCE protocol authentication, an error in the validation of the SSL certificate occurs. Therefore, the client computer keeps trying to use an expired cached certificate.
To resolve this issue, install update rollup 2967917. For more information about how to obtain this update rollup package, click the following article number to view the article in the Microsoft Knowledge Base:
2967917 July 2014 update rollup for Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates