Can't login to Application Server with System User account

It's a v8.0.1 QA environment. We installed application server but can't login with System User. The log shows the error messages below. We checked the certificate application server use it looks good with all valid trusted chain on Certificate Path tab.

There was an old certificate for IIS and used by application server before but we removed old cert and uninstalled application server. Then reinstalled new certificate and application server. Could application server still look for old certificate with its key cached somewhere on windows server? Any suggestions much appreciate! Thank you. 

2018-06-12 13:27:58.3047 INFO (ObjectLog 9b918ef4-9275-4b7a-a62e-c6e55fb88324) : User viadmin (Dialog user: viadmin, X fields: viadmin) authenticated.

2018-06-12 13:27:58.3203 ERROR (ObjectLog ) : [System.Security.Cryptography.CryptographicException] Key not valid for use in specified state.

 

 System.Security.Cryptography.CryptographicException: Key not valid for use in specified state.

 

   at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)

   at System.Security.Cryptography.Utils.ExportCspBlob(SafeKeyHandle hKey, Int32 blobType, ObjectHandleOnStack retBlob)

   at System.Security.Cryptography.Utils.ExportCspBlobHelper(Boolean includePrivateParameters, CspParameters parameters, SafeKeyHandle safeKeyHandle)

   at VI.DB.Auth.AuthToken.Create(X509Certificate2 certificate, ClaimsIdentity identity)

   at VI.DB.Entities.TokenCreatorImpl.CreateTokenAsync(CancellationToken cancellationToken)

   at VI.DB.Entities.SessionExtensions.CreateTokenAsync(ISession session, CancellationToken cancellationToken)

   at VI.DB.Sync.SyncSessionExtensions.<>c__DisplayClass0_0.<CreateToken>b__0()

   at VI.Base.SyncActions.Do[T](Func`1 function)

   at QBM.AppServer.Base.SessionAuthProvider.Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)

   at ServiceStack.Auth.AuthenticateService.Authenticate(Authenticate request, String provider, IAuthSession session, IAuthProvider oAuthConfig)

   at ServiceStack.Auth.AuthenticateService.Post(Authenticate request)

   at ServiceStack.Host.ServiceRunner`1.Execute(IRequest request, Object instance, TRequest requestDto)    at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)

   at System.Security.Cryptography.Utils.ExportCspBlob(SafeKeyHandle hKey, Int32 blobType, ObjectHandleOnStack retBlob)

   at System.Security.Cryptography.Utils.ExportCspBlobHelper(Boolean includePrivateParameters, CspParameters parameters, SafeKeyHandle safeKeyHandle)

   at VI.DB.Auth.AuthToken.Create(X509Certificate2 certificate, ClaimsIdentity identity)

   at VI.DB.Entities.TokenCreatorImpl.CreateTokenAsync(CancellationToken cancellationToken)

   at VI.DB.Entities.SessionExtensions.CreateTokenAsync(ISession session, CancellationToken cancellationToken)

   at VI.DB.Sync.SyncSessionExtensions.<>c__DisplayClass0_0.<CreateToken>b__0()

   at VI.Base.SyncActions.Do[T](Func`1 function)

   at QBM.AppServer.Base.SessionAuthProvider.Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)

   at ServiceStack.Auth.AuthenticateService.Authenticate(Authenticate request, String provider, IAuthSession session, IAuthProvider oAuthConfig)

   at ServiceStack.Auth.AuthenticateService.Post(Authenticate request)

   at ServiceStack.Host.ServiceRunner`1.Execute(IRequest request, Object instance, TRequest requestDto)

Thanks for the helps!!!