When you import an export file into a newly created CMA one of the core functions that occur is a migration of the certificate authority. The name of the CMA and the ICA do not necessarily need to match in an MDS environment. If you create a domain called "Production" and import a file that was taken from a server named "Lab", your certificate authority will actually still be called "Lab". This can be confirmed in Cpconfig or by running "#cpca_client lscert -kind SIC -stat Valid". Testing SIC to a gateway will show Lab in the cert string. All certificates created going forward will still have Lab in the name.
Sometimes this needs to be changed, because the customer just wants to see the new name or because a template domain was used to create 2 or more CMAs. Duplicate ICAs in domains can cause quite a few headaches and is detailed in sk17197. The resolution to both duplicate domains and just wanting to see a new name in the cert string is a full ICA reset. Part of the procedure requires resetting SIC to all gateways and re creating all VPN certificates, no way around it. Helpful documents are sk94871, sk34887, sk42071, and sk32491.
While I believe the same concepts apply to R80 the procedures listed do not.