Policy

Reverse the subject name stored in a certificate when displaying

Windows 11 25H2

Back to categoryOpen picker

Policy overview

Key metadata and intent for this policy.

ClassComputer
CategoryWindows Components > Smart Card
Supported onAt least Windows Vista

Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista

This policy setting lets you reverse the subject name from how it is stored in the certificate when displaying it during logon. By default the user principal name (UPN) is displayed in addition to the common name to help users distinguish one certificate from another. For example, if the certificate subject was CN=User1, OU=Users, DN=example, DN=com and had an UPN of user1@example.com then "User1" will be displayed along with "user1@example.com." If the UPN is not present then the entire subject name will be displayed. This setting controls the appearance of that subject name and might need to be adjusted per organization. If you enable this policy setting or do not configure this setting, then the subject name will be reversed. If you disable , the subject name will be displayed as it appears in the certificate.

Internal name
ReverseSubject
Policy ID
739dddabf153
Elements
0

Registry values

How enabled and disabled states update the registry.

Registry locationTypeEnabled valueDisabled value
HKLM\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider\ReverseSubjectREG_DWORD
1
0

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.

Other policies in this category

Explore related policies at the same level.

View all policies in this category