Channel: Hyper-V forum

Hyper-V Replica - The certificate could not be verified upto the trusted certification authority


Hello,

I have created a Hyper-V Replica setup as described in: http://www.vkernel.ro/blog/configuring-hyper-v-replica-using-certificate-based-authentication-https

The following applies to my setup:

  1. I use a domain CA
  2. I have 2 clusters with 2012 R2 Hyper-V
  3. SCVMM is used to manage the hosts, but I configured everything in the Hyper-V console and Failover Cluster Manager
  4. I have created a group policy for auto-enrollment of the computer certificate of the Hyper-V hosts
  5. I installed the replica broker role with name LOK1HA2BRK.domain.local for cluster LOK1HA2
  6. I installed the replica broker role with name LOK3HA2BRK.domain.local for cluster LOK3HA2
  7. I created a certificate template (duplicate computer template) as stated in the article and requested a certificate for the replica broker with CN as LOK1HA2BRK.wessanen.local and LOK3HA2BRK.wessanen.local on 1 cluster host and imported the certificate on all other hosts in the clusters.
  8. I have a replica broker certificate with a subject CN = LOK1HA2BRK.domain.local for the replica broker role on LOK1HA2
  9. I have a replica broker certificate with a subject CN = LOK3HA2BRK.domain.local for the replica broker role on LOK3HA2

The replica role setup was successful, but when I want to enable replication on a VM on LOK1HA2 and use replica server LOK3HA3BRK.domain.local, I get the error message:

Hyper-v could not validate certificate with thumbprint <thumbprint of broker certificate LOK1HA2BRK>. The certificate could not be verified upto the trusted certification authority. The certificate cannot be verified upto the trusted certification authority. Error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. (0x800B0109).

You would think "well just add the root certificate to the Trusted Root Certification Authorities store...", but because I use an Enterprise CA, this is already done of course. There are some certificates in the Personal store of the Hyper-V hosts, which also have the CN of the host itself, but they seem to be self-signed. I don't know if I can remove them, because I suspect that SCVMM created them for some reason. Secondly, I don't think it is the problem, because the certificate thumbprint of the error is the thumbprint of the broker certificate.

What I do think is strange is that the certificate I can select for the replica server connection is only the AMS1HA2BRK certificate and NOT the computer certificate, as described in the article. I would not think that is incorrect, but it is a difference.
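
One way to inspect the chain that the 0x800B0109 error refers to, and the self-signed certificates in the Personal store mentioned above (an added example, not part of the original post). The function names and the thumbprint placeholder are assumptions; run it in an elevated PowerShell session on each Hyper-V host that holds the broker certificate.

```powershell
# Added diagnostic example (not from the original post).
# Get-ReplicaCertChain / Get-PersonalStoreSummary are hypothetical helper names.

function Get-ReplicaCertChain {
    param([Parameter(Mandatory)] [string] $Thumbprint)

    $cert = Get-Item -Path "Cert:\LocalMachine\My\$Thumbprint" -ErrorAction Stop

    # Build the chain in machine context, because the certificate lives in the
    # LocalMachine store. Revocation is skipped so only trust is evaluated.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain($true)
    $chain.ChainPolicy.RevocationMode =
        [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    $trusted = $chain.Build($cert)

    # One row per chain element, leaf first, root last.
    $depth = 0
    foreach ($element in $chain.ChainElements) {
        $c = $element.Certificate
        [pscustomobject]@{
            Depth       = $depth
            Subject     = $c.Subject
            Issuer      = $c.Issuer
            Thumbprint  = $c.Thumbprint
            SelfSigned  = ($c.Subject -eq $c.Issuer)
            InRootStore = Test-Path "Cert:\LocalMachine\Root\$($c.Thumbprint)"
            Status      = ($element.ChainElementStatus.Status -join ', ')
        }
        $depth++
    }

    Write-Host "Chain trusted on this host: $trusted"
    foreach ($s in $chain.ChainStatus) {
        Write-Host ("  {0}: {1}" -f $s.Status, $s.StatusInformation.Trim())
    }
}

function Get-PersonalStoreSummary {
    # Lists every certificate in the machine Personal store so CA-issued and
    # self-signed certificates with the same CN can be told apart by issuer.
    Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
        [pscustomobject]@{
            Subject    = $_.Subject
            Issuer     = $_.Issuer
            Thumbprint = $_.Thumbprint
            SelfSigned = ($_.Subject -eq $_.Issuer)
            NotAfter   = $_.NotAfter
        }
    }
}

# Placeholder: substitute the thumbprint quoted in the error message.
# Get-ReplicaCertChain -Thumbprint '<THUMBPRINT-FROM-ERROR>' | Format-Table -AutoSize
# Get-PersonalStoreSummary | Format-Table -AutoSize
```

An `UntrustedRoot` status together with `InRootStore = False` on the last chain element means the chain that this host builds ends at a root it does not trust, which is the condition the error describes.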



