Hi,

I'm implementing mutual authentication for a particular virtual host on my server. Once I received the client SHA256 signed cert I got the below alert.

Level: fatal, description: Decrypt error

frame 16: server received client cert
frame 17: server sent decrypt error

According to http://tools.ietf.org/html/rfc5246 decrypt_error means

I guess in my case the server is not able to verify the signature. Can you let me know what might be the reasons for the server not being able to verify the cert signature? I have the necessary root and int. certs. Do you think it has something to do with SHA256? Other client certs for which I see successful handshakes are sha1.

Wireshark debug logs:

dissect_ssl enter frame #16 (first time)
  conversation = 0000000006D169A8, ssl_session = 0000000006D16FE8
  record: offset = 0, reported_length_remaining = 3894
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 3889, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 11 offset 5 length 3885 bytes, remaining 3894

dissect_ssl enter frame #16 (first time)
  conversation = 0000000006D169A8, ssl_session = 0000000006D16FE8
  record: offset = 0, reported_length_remaining = 186
  need_desegmentation: offset = 0, reported_length_remaining = 186

dissect_ssl enter frame #17 (first time)
  conversation = 0000000006D169A8, ssl_session = 0000000006D16FE8
  record: offset = 0, reported_length_remaining = 7
dissect_ssl3_record: content_type 21 Alert
decrypt_ssl3_record: app_data len 2, ssl state 0x17
packet_from_server: is from server - TRUE
decrypt_ssl3_record: using server decoder
decrypt_ssl3_record: no decoder available

Thanks in advance.

asked 28 Oct '14, 17:39 gopi1828
Is your question why the server is unable to handle the request or why Wireshark is (possibly) unable to decrypt the session?
My question is why the server is unable to handle the request.
O.K. that's impossible to tell without looking at the logs of the server or without decrypting the session. Are you able to decrypt the session in Wireshark?