When Users Have Lost Their Devices with Client Certificates Installed
When users inform you that they have lost their device with a client certificate installed, you should take the following actions immediately to prevent unauthorized access to cybozu.com.
- Change the password of the user.
- Revoke the client certificate.
STEP 1: Changing User Passwords
You can change the password for a particular user on the "Change User Information" screen.
Changing Passwords Individually
STEP2: Revoking the Client Certificate
As administrators can revoke only the client certificate that belongs to the device owner, other users will not be affected.
-
Click the gear-shaped menu button in the header.
-
Click Users & System Administration.
-
Click Create & Download.
-
Enter a display name or a login name of the user in the search box to search the target user.
Moreover, you can expand the department tree and find the target user. -
Click Valid.
-
Select the checkbox for the user you want.
-
If necessary, change the expiration date of the client certificate to be reissued.
By default, the date is set to one year later. -
Select the "Remove existing certificates before re-issuing them" checkbox.
-
Click Create.
The procedure to disable the certificate installed on the lost device is complete.
When Revoking the Client Certificate
You cannot re-enable a revoked client certificate.
Reissue a client certificate and install it on the devices again.
Renewing Client Certificates on Devices
The notifications from mobile apps, such as kintone Mobile or KUNAI, using the Client Certificate Authentication will not be displayed on the devices.