Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Downlevel clients in a Windows Server 2003-based domain display "No Alternative Name" on certificates

View products that this article applies to.

This article was previously published under Q300865

↑ Back to the top


If a user is on a downlevel client computer that is joined to a Windows Server 2003-based domain that enrolls for certificates from an Enterprise certification authority in the Windows .NET domain, the downlevel client does not correctly display the user principal name (UPN) in the Subject Alternative Name field.

When this field is viewed from the downlevel clients, the field in the issued certificate is displayed as: "No alternative name".

↑ Back to the top


The certificate has been issued correctly and does have the correct information in the field. Windows 95, Windows 98, Windows Milennium Edition (Me), and previous versions of Windows NT are not able to display this field correctly.

↑ Back to the top


This behavior is by design.

↑ Back to the top

More information

The Subject Alternative Name extension in the details section of the certificate normally lists the UPN of the account of the user in Active Directory.

↑ Back to the top

Keywords: kbenv, kberrmsg, kbprb, KB300865

↑ Back to the top

Article Info
Article ID : 300865
Revision : 7
Created on : 3/1/2007
Published on : 3/1/2007
Exists online : False
Views : 470