Certificates gone Wrong!

Posted on 2004-08-19
Last Modified: 2010-04-11
We are having a Problem here in our Credit Union...

We use certificates to validate users onto certain websites (Federal Reserve etc etc), under win98 it was working fine, butwe are now upgrading most machines to WinXP but the problem is when we do that, the Certificates work fine, until the user has to change his/her password (which is set to change every 90days).  I found a link on Microsoft that says just to revert to the old password, but this sortof defeats the purpose of having expiring passwords...

Anybody knows a way around this?

Question by:civicex2g
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Expert Comment

ID: 11850034

please visit:;en-us;331333&Product=winxp

this may help but at the end the document for such conditions it says:
This behavior is by design.


Author Comment

ID: 11850994
Thank you sir for that article, unfortunately that was one of the ones I read already but did not help we dont use roaming profiles... but we just solved the problem by extending the users passwords to 120 days instead of 90 so that they expire the same time the certificates do, ohwell thanks alot though.

Accepted Solution

saito1 earned 250 total points
ID: 11851035
hi civicex2g,

I guess that you read it. and yes as I wrote above, this behavior is by design so it means there is nothing to do unfortunatelly.
maybe better you choose "password doesn't expire" then you will not have this problem except user changes password manually...

happy if I could help you...



Author Comment

ID: 11851043
yeah im going to do what you said and just put those certain users not to expire... thanks for you help!

Expert Comment

ID: 11851055
and also you can choose the "user can not change password" so if user can not change password and password never expires you never get problem with certificates :-)


Featured Post

How to Defend Against the WCry Ransomware Attack

On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Blackberry and SMS logging 5 40
Fraud Email 22 128
Workstation all of a sudden says it cannot connect to domain because 3 71
Symantec Endpoint Production 14 Questions 3 52
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Sending a Secure fax is easy with eFax Corporate ( First, just open a new email message. In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question