I am having an issue with duplicated SCEP client certificates on an iOS device.
We deployed an SCEP profile via MDM, then deleted and redeployed it via MDM. In Settings > General > VPN & Device Management, only one SCEP profile is visible. However, Safari shows duplicated certificates when a server requests a client certificate.
We have tried removing the cert profile on MDM and unenrolling the device from MDM, but only the latest certificate got removed, leaving previous ones stuck on the device or in the Safari app.
We have found no way to remove these duplicated certificates other than factory reset the devices. This appears to be a potential iOS bug affecting certificate cleanup. We need assistance to resolve this issue. Also, the issue is difficult to reproduce but has happened to a number of our managed devices.