When you have a certificate for "mail_firstName=Firstame", "mail_lastName=Lastname", email@example.com
later when you try to create a certificate for "mail_firstName=Firstame", "mail_lastName=Lastname", firstname.lastname@example.org", then you may receive the error
The subject DN must be unique for certificates to be created with the same SMIME profile.
In the Certificate profile there is no "mail_firstName" or "mail_lastName" defined. There only is a "Common Name (CN)". The policy defines three mandatory fields: mail_firstName, mail_lastName and mail_email.
Edit the profile in the PKI Manager and add "Email" to the "Subject DN" to make the subject DN unique. After updating the policy a fourth mandatory field "emailAddress" can be populated.