How to Configure a Native Cert Delivery Realm to Overwrite Existing Certificates

    Applies to:
  • Legacy SecureAuth IdP
Deployment model:
  • On Premises
  • SecureAuth IdP Version affected: All versions

    Description: Realms with a post authentication of Native Mode Cert Landing Page deliver personal user certificates and automatically imports them into the proper certificate store, through the web browser Internet Explorer. By default, if an enrollment realm detects that an authenticated user already has a valid personal certificate within their certificate store, the realm will display a "Congratulations" page, but will not issue the user a new certificate. This is because of the Token Persistence settings in the realm are configured towards this workflow. To change the realm so that a new personal certificate is delivered each time a user enrolls--overwriting pre-existing certificates--implement the following.

    From the IdP server, navigate to your native certificate delivery realm's Workflow tab from the Admin Console.

    Admin Console -> Admin Realm -> SecureAuth# -> Workflow (tab)

    From the Token Persistence section configure the following fields:

    Validate Persistent Token = Flase
    Renew Persistent Token (After Validation) = True

    Click Save.

    Users will now enroll for a new personal certificate upon every successful authentication into the realm.


    1 out of 1 found this helpful



    Please sign in to leave a comment.