Microsoft has just updated the following KB Article:
An update for the authentication certificate in System Center Configuration Manager Asset Intelligence is available
Symptoms:
In System Center Configuration Manager, the issuing certificate that System Center Online uses to validate the Asset Intelligence public authentication (bootstrap) certificate expires on May 29th 2015. After this date, System Center Online does not recognize the pre-provisioned public authentication certificate used by the Asset Intelligence synchronization point site system role to enroll with the service.
Note The AI authentication certificate contained in this update is valid until March 20th, 2017. Its issuing certificate is valid until March 10th, 2017.
Scenario 1
You are trying to install a new Asset Intelligence synchronization point and it is making its first connection attempt to the System Center Online service
Scenario 2
Your existing Asset Intelligence synchronization point tries to use the public authentication certificate to renew the specific per-installation certificate.
In either of these scenarios, System Center Online will reject the public authentication certificate and you will receive the following error message in the Asset Intelligence pane of the Configuration Manager Console.
System Center Configuration Manager 2007
Connection failed -bad certificate
System Center 2012 Configuration Manager products
Expired credentials/certificate/token. Need to re-provision online account.
Additionally, the following error message is logged in the Aiupdatesvc.log file:
Asset Intelligence Catalog Sync Service Error: 0 :<Log Date>:Exception attempting sync – The request failed with HTTP status 403: Forbidden.