It is the current Intel PROSet behavior for user profiles in that if existing certificate expires, Dr WiFi tool will generate an error during authentication and will prompt user to change his certificate in the profile.
The workaround for this scenario is to use a Pre-logon/Common profile. This can be achieved by using Intel Administrator tool to create a Pre-logon/Common profile and use "Use a user certificate on this computer". This will allow Intel WiFi stack/supplicant to automatically choose the best user certificate for TLS authentication from user cert store.
After adding the profile in the package...you can apply this package to any Win XP box. You can read on more on Administrator tool in PROset help. You may NOT want to install SSO if you are not going to use it.