Thanks asked the engineer to try them now.

The page does not seem to show anything ?
Both of them besides mentioning the SK numbers.
How to know what do in the CLI ?

To view SKs you need to be logged in with your Product Center (User Center) / Support username

For CLI refer to:

https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/show-sessions~v2.0.1%20

There are other relevant topics before and after this one

Without having a look at the SK articles i would do following using mgmt_cli
Having a look at the user's sessions and some info.

(echo "UID STATE MODE LOCKS CHANGES"; mgmt_cli -r true show sessions details-level full -f json | jq -r '.objects[] | select(.["user-name"] == "usename") | "\(.uid) \(.state) \(.["connection-mode"]) \((.locks|length)) \((.changes|length))"') | column -t

to delete all sessions of a user

mgmt_cli -r true show sessions details-level full -f json | jq -r '.objects[] | select(.["user-name"] == "username") | .uid' | xargs -I {} mgmt_cli -r true disconnect uid "{}"

But since the GUI does nothing other than make such API calls, I doubt that it will work for you.

You need valid support account to view those SKs. 

Hi, it did not work. It kicked out all of the connected users but not the one we wanted to disconnect.

Did you try cpstop and cpstart ?

cpstop ; cpstart

If yes, this is the point where i would recommend logging a sr at uc.

Since you said even reboot failed to solve this, definitely open TAC case.

Is it possible to install vpn certificate on the fw domain through CLI or is it locked to the same user in CLI as well ?

My logical assumption would be its most likely locked as well.

No, because the underlying session is still locked.
The session must be published or discarded.

If you cannot do this through the standard mechanisms, then you will need TAC to assist you in removing it.