Monday, May 6, 2024

Azure MFA NPS extension stopped working due to an expired certificate

Users complained they were unable to log in to the VMware Horizon Client portal: the logon stuck at the "Authenticating..." screen.



So I started troubleshooting the MFA by looking into the NPS event logs and found Event ID 6274 ("Network Policy Server discarded the request for a user") with the reason "The request was discarded by a third-party extension DLL file." That reason text is the tell that the request reached NPS but was rejected by the Azure MFA extension itself, not by a network policy.


In the AuthZ > AuthZAdminCh event log (under Applications and Services Logs > Microsoft > AzureMfa), the ErrorCode "CLIENT_CERT_INSTALL_ERROR" pointed at the client certificate the extension uses to authenticate to the MFA service, so I suspected the certificate had expired.


Indeed, the certificate had expired the day before.


So I reran the .\AzureMfaNpsExtnConfigSetup.ps1 script from C:\Program Files\Microsoft\AzureMfa\Config on the NPS server. The script prompts for the tenant ID and a sign-in with an account privileged enough to register the new key on the tenant's Azure Multi-Factor Auth Client service principal (the Microsoft docs call for a Global Administrator); it then generated a new self-signed certificate valid for another two years.


Once the new certificate was in place, MFA logins succeeded again.
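The fix above was reactive; the practitioner's version of it is a check that reports the extension certificate's remaining lifetime before it lapses and pulls the two events that signalled the outage. The following is an added example, not code from the original post. It assumes (unconfirmed by the post) that the extension certificate lives in the LocalMachine\My store with "Microsoft NPS Extension" in its Subject and that the AuthZAdminCh channel's log name is "Microsoft-AzureMfa-AuthZ/AuthZAdminCh"; adjust both filters to what your Event Viewer and certificate store actually show. Run it from an elevated prompt, since reading the Security log requires it.

```powershell
# Added example (not from the original post): report the Azure MFA NPS extension
# certificate's expiry and pull the events that indicated the outage.
# Assumptions (not confirmed by the post): the certificate's Subject contains
# "Microsoft NPS Extension" and the AuthZAdminCh log is named
# "Microsoft-AzureMfa-AuthZ/AuthZAdminCh".

$WarnDays = 30   # raise an alert this many days before NotAfter

# 1. Find the NPS extension certificate(s) in the machine store and report days left.
$certs = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Subject -like '*Microsoft NPS Extension*' }

if (-not $certs) {
    Write-Warning 'No NPS extension certificate found in Cert:\LocalMachine\My.'
}

foreach ($cert in $certs) {
    $daysLeft = [int]([datetime]$cert.NotAfter - (Get-Date)).TotalDays
    $state = if ($daysLeft -lt 0)            { 'EXPIRED' }
             elseif ($daysLeft -le $WarnDays) { 'EXPIRING SOON' }
             else                             { 'OK' }
    [pscustomobject]@{
        Thumbprint = $cert.Thumbprint
        Subject    = $cert.Subject
        NotAfter   = $cert.NotAfter
        DaysLeft   = $daysLeft
        State      = $state
    }
}

$since = (Get-Date).AddHours(-24)

# 2. NPS discards (Event ID 6274, Security log) whose reason names the extension DLL.
Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 6274; StartTime = $since } `
    -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -like '*third-party extension DLL*' } |
    Select-Object TimeCreated, Id,
        @{ Name = 'Reason'; Expression = {
            (($_.Message -split "`r?`n") | Where-Object { $_ -like '*Reason:*' }) -join ' ' } }

# 3. Extension-side errors from AuthZAdminCh (this is where CLIENT_CERT_INSTALL_ERROR showed up).
Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-AzureMfa-AuthZ/AuthZAdminCh'; StartTime = $since } `
    -ErrorAction SilentlyContinue |
    Where-Object { $_.LevelDisplayName -eq 'Error' } |
    Select-Object TimeCreated, Id, Message
```

If the first table shows EXPIRED or EXPIRING SOON, rerun AzureMfaNpsExtnConfigSetup.ps1 from C:\Program Files\Microsoft\AzureMfa\Config as described above. Scheduling this check (or feeding DaysLeft into your monitoring) turns a two-year silent timer into an alert you see a month ahead; the alternative is finding out from users when Event 6274 starts firing.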


What happens if Security Defaults are turned off in Microsoft Entra?

No need to worry about turning off Security Defaults in Microsoft Entra ID, because Microsoft will automatically create 4 managed conditional...