Since #3222, when the user disables UUID certs (use_uuid_for_certificates), Foreman won't update the stored UUID certnames of any existing hosts in an effort to stop revocation on destroy/rebuilds from deleting the wrong cert (or not deleting it at all). Instead, it will only delete the old UUID certname when a new certificate is next required (e.g. during a rebuild).

The user should be warned about the impact when changing the setting.