You didn't revealed even the basic things like the OS you have on client machine. It mean you have a version of Windows. Unfortunately, I'm no windows expert.
Your client needs to recognize Cisco ISE certificate as trusted. Root CA needs to be placed in appropriate certificate store - the machine store if you are configuring machine-level authentication, or the user store if you are configuring user-level authentication. Or elsewhere according requirements of your authentication client. Consult the documentation related to your OS and it's client setup. If there is a intermediate certificate then it needs to be delivered from server side to client during TLS handshake.
I wish a more skilled Windows user will give you better advice. I'm familiar with the principles, but I don't know where to click in Windows.
if the client is rejecting the certificate check the wireless setting and uncheck the option in windows for verify there trusted certificate server usualy this happen in windows if the mentioned optioned it checked.Also make sure that you have set the authentication method as user and computer .