How to disable Policy Manager certificate login for a User?

Document ID : KB000010054
Last Modified Date : 14/02/2018
Show Technical Document Details

When a Certificate gets loaded into the User Properties of a Internal Identity Provider User (Policy Manager User) and this Certificate does not get loaded into the Policy Manager itself, then the User cannot login to the Policy Manager anymore.

How can this Certificate login be removed for a specific User? 


There are two options that allows you to disable the Certificate Login of the Policy Manager:


Login to the Policy Manager as Administrator and revoke the Certificate for the User in question.

Open the privileged shell on the Gateway and execute following MySQL commands (please take care that you have a valid backup before you run any of these commands against the database): 

mysql ssg -e "delete from client_cert where login='login name here' limit 1;" 

mysql ssg -e "update internal_user set properties=NULL where login='login name here' limit 1;"