diff --git a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIUserService.java b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIUserService.java
index 07fe28485237288e51af9efa66b36f6a68af34b7..0ac759a0d76a52beb34d977eb429d445b6e8b9d7 100644
--- a/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIUserService.java
+++ b/smp-server-library/src/main/java/eu/europa/ec/edelivery/smp/services/ui/UIUserService.java
@@ -33,6 +33,7 @@ import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 import java.time.OffsetDateTime;
 import java.time.ZoneId;
+import java.time.ZoneOffset;
 import java.util.Base64;
 import java.util.List;
 import java.util.Optional;
@@ -195,8 +196,26 @@ public class UIUserService extends UIServiceBase<DBUser, UserRO> {
         if (user.getCertificate() != null && (dbUser.getCertificate() == null
                 || !StringUtils.equals(dbUser.getCertificate().getCertificateId(), user.getCertificate().getCertificateId()))) {
             CertificateRO certRo = user.getCertificate();
-            DBCertificate certificate = conversionService.convert(user.getCertificate(), DBCertificate.class);
-            dbUser.setCertificate(certificate);
+
+            if (dbUser.getCertificate() != null) {
+                dbUser.getCertificate().setCertificateId(certRo.getCertificateId());
+                dbUser.getCertificate().setCrlUrl(certRo.getCrlUrl());
+                dbUser.getCertificate().setPemEncoding(certRo.getEncodedValue());
+                dbUser.getCertificate().setSubject(certRo.getSubject());
+                dbUser.getCertificate().setIssuer(certRo.getIssuer());
+                dbUser.getCertificate().setSerialNumber(certRo.getSerialNumber());
+                if (certRo.getValidTo() != null) {
+                    dbUser.getCertificate().setValidTo(certRo.getValidTo().toInstant()
+                            .atOffset(ZoneOffset.UTC));
+                }
+                if (certRo.getValidFrom() != null) {
+                    dbUser.getCertificate().setValidFrom(certRo.getValidFrom().toInstant()
+                            .atOffset(ZoneOffset.UTC));
+                }
+            } else {
+                DBCertificate certificate = conversionService.convert(certRo, DBCertificate.class);
+                dbUser.setCertificate(certificate);
+            }
 
             if (user.getCertificate().getEncodedValue() == null) {
                 LOG.debug("User has certificate data without certificate bytearray. ");
diff --git a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthorizationService.java b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthorizationService.java
index aa8f00fd81d6687429d58c8d78e19ccf9975b116..a741c84c38465af80148be40d6ece5f0ad19b400 100644
--- a/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthorizationService.java
+++ b/smp-webapp/src/main/java/eu/europa/ec/edelivery/smp/auth/SMPAuthorizationService.java
@@ -132,7 +132,7 @@ public class SMPAuthorizationService {
                     userDetails.getUser().getUsername());
             return null;
         }
-        return getUserData(userDetails.getUser());
+        return getUserData(dbUser);
     }
 
     public UserRO getUserData(DBUser user) {