How to remove the Windows User-ID Agent Server Certificate
7317
Created On 04/21/21 17:58 PM - Last Modified 05/17/21 11:32 AM
Symptom
A Server Certificate has been added to the Windows User-ID Agent for connection security, but there is no option in the Agent GUI to remove the configuration.
Resolution
The certificate configuration can be manually removed from the config file of Windows User-ID Agent.
Path:
C:\Program Files (x86)\Palo Alto Networks\User-ID Agent\UserIDAgentConfig.xml
Steps:
1) Make a copy of the UserIDAgentConfig.xml file, just in case a rollback is needed.
2) Open the xml file in a text editor such as notepad or notepad++.
3) Remove the config section shown in the screenshot below and save the file.
The config section starts with '<servercert name' and includes the certificate and the private key.