Certificates gone Wrong!

Posted on 2004-08-19
Last Modified: 2010-04-11
We are having a Problem here in our Credit Union...

We use certificates to validate users onto certain websites (Federal Reserve etc etc), under win98 it was working fine, butwe are now upgrading most machines to WinXP but the problem is when we do that, the Certificates work fine, until the user has to change his/her password (which is set to change every 90days).  I found a link on Microsoft that says just to revert to the old password, but this sortof defeats the purpose of having expiring passwords...

Anybody knows a way around this?

Question by:civicex2g
  • 3
  • 2

Expert Comment

ID: 11850034

please visit:;en-us;331333&Product=winxp

this may help but at the end the document for such conditions it says:
This behavior is by design.


Author Comment

ID: 11850994
Thank you sir for that article, unfortunately that was one of the ones I read already but did not help we dont use roaming profiles... but we just solved the problem by extending the users passwords to 120 days instead of 90 so that they expire the same time the certificates do, ohwell thanks alot though.

Accepted Solution

saito1 earned 250 total points
ID: 11851035
hi civicex2g,

I guess that you read it. and yes as I wrote above, this behavior is by design so it means there is nothing to do unfortunatelly.
maybe better you choose "password doesn't expire" then you will not have this problem except user changes password manually...

happy if I could help you...



Author Comment

ID: 11851043
yeah im going to do what you said and just put those certain users not to expire... thanks for you help!

Expert Comment

ID: 11851055
and also you can choose the "user can not change password" so if user can not change password and password never expires you never get problem with certificates :-)


Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How do we balance the user experience (UX) with reasonable security measures? It can be done, if you keep these fundamentals in mind.
The related questions "How do I recover the passwords for my Q-See DVR" and "How can I reset my Q-See DVR to eliminate a password" are seen several times a week.  Here we discuss the grim reality of the situation.
Sending a Secure fax is easy with eFax Corporate ( First, just open a new email message. In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question