Unfortunately "cert.subjectaltname.upn" is not present

Jul 15 2024 23:05:03 $HOSTNAME : %ASA-4-717037: Tunnel group search using certificate maps failed for peer certificate: serial number: $SERIAL, subject name: CN=$PERSON_DATA, issuer_name: CN=$ISSUER_DATA.
Jul 15 2024 23:05:03 $HOSTNAME : %ASA-4-113026: Error <username not found> while executing Lua script for group <$TUNNEL_GROUP>

# openssl x509 -noout -ext subjectAltName -in $PERSON_CERT.crt
X509v3 Subject Alternative Name:
email:example@domain.tld