Revoke User’s Agent Passwordless Login Certificate in the Cloud Administration Console
The Certificate Authority (CA) Service supports certificate-based authentication (CBA) for Windows MFA Agents integrated with Microsoft Entra ID. This enhancement provides centralized visibility and control over authentication certificates. In the Cloud Administration Console, you can monitor and revoke certificates issued to a user for agent-based, passwordless Windows logins. Active certificates can be revoked as needed.
This section outlines the steps to revoke an active certificate associated with a user.
Procedure
In the Cloud Administration Console, click Users > Management.
In the Search field, enter the user's ID or email address.
Scroll to the Agent Passwordless Login Certificates section, which displays any registered certificates along with their statuses, then locate the active certificate and click Revoke.
In the confirmation dialog box that appears, click Revoke.
The registered certificate status changes to "Revoked."
Note: Revoked certificates are permanently invalid and cannot be reactivated.
Related Articles
What are the services and processes running on the Enterprise Manager Enterprise Coordinator and Remote Site Coordinator … Number of Views How to enable passwordless authentication over RDP for RSA MFA Agent For Microsoft Windows 2.3.6 and higher Number of Views Access Policy 2.0: Easily Rollout Passwordless to the Masses Number of Views Application unavailable with 296 services failed Number of Views Passwordless Authentication in Windows MFA Agent for Microsoft Entra ID - Quick Setup Guide Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) How to install the jTDS JDBC driver on WildFly for use with Data Collections in RSA Identity Governance & Lifecycle RSA Authentication Manager 8.8 Setup and Configuration Guide Artifacts to gather in RSA Identity Governance & Lifecycle
