Client Certificates and new last name

Akin 61 Reputation points
2020-10-14T14:03:03.27+00:00

We require user certificate for pre-auth for our VPN solution. Our User certificate have UPN as SAN. When last name changes and UPN change, it seem users cannot connect back to VPN.

Anyone have insight into this? How can we reissue new cert (when still connected?) New cert do not auto issue with cerutil -pulse

Windows Server 2016
Windows Server 2016
A Microsoft server operating system that supports enterprise-level management updated to data storage.
2,535 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,865 questions
{count} votes

Accepted answer
  1. Hannah Xiong 6,276 Reputation points
    2020-10-15T08:32:43.763+00:00

    Hello,

    Thank you so much for posting here.

    Have we tried to request a new certificate via certificate MMC?

    Did we configure the user certificate auto-enrollment? To delete the old user certificate in the personal store, we could try the below command:

    Certutil -delstore -user MY <certificate name>

    32538-33.png

    For any question, please feel free to contact us.

    Best regards,
    Hannah Xiong

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.