When renewing a certificate, users are presented three choices for installing the new certificate:
Personal store
Local machine store
Smart Card
The option 'Personal store' is selected by default.
Use a text editor to open the file <KCA-install-dir>/WebServer/enroll-server/get-cert-msie.xuda, and look for the following lines:
<P> Where is this certificate being installed?
<SELECT NAME="USERPROTECT">
<OPTION VALUE="0" SELECTED>Personal store</OPTION>
<OPTION VALUE="1">Local machine store</OPTION>
<OPTION VALUE="2">Smart Card</OPTION>
</SELECT>
</P>
To change the default selection to 'Smart Card', change the above lines so they look like the following:
<P> Where is this certificate being installed?
<SELECT NAME="USERPROTECT">
<OPTION VALUE="0">Personal store</OPTION>
<OPTION VALUE="1">Local machine store</OPTION>
<OPTION VALUE="2" SELECTED>Smart Card</OPTION>
</SELECT>
</P>
Save the changes. All users will get 'Smart Card' as the default option to install the renewed certificate to.
Related Articles
Xudad crashes soon after renewing System CA certificate Number of Views How to renew SSL server certificates with RSA Certificate Manager Number of Views Unable to renew system SSL certificates on Registration Manager 6.6.1 Number of Views Unable to renew certificate from web enrollment server Number of Views Unable to renew certificate after clicking on a link to auto-renew-certificate.xuda page in email notification Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) RSA-2022-12: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities
