• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 609
  • Last Modified:

Certificate expiration

Hi all,
recently all our users who work with Lotus Notes are receiving the next message:
"WARNING: Your certificate issued to Name Surname/Server by /Server will expire on 14/03/2010. Request a new certificate by choosing File - Tools - User ID - Certificate - Request Certificate"

as i know accessing through Lotus Administrator it is possible to "Recertify" these user ids longer. Could you tell me where and how in lotus administrator can this be done?
It is lotus administrator version 6.

thanks and regards
  • 3
  • 3
1 Solution
Sjef BosmanGroupware ConsultantCommented:
When you recertify a user, the Admin client will ask you for the New certificate expiration date. You can modify that date.

If ALL your users need to be recertified, you could also open the Admin client, go to People & Groups, People, select all users, and click Recertify at the right. You could give them all the same date;

But, there is a reason why certificates expire after only 2 years. Since the certificate is in the ID-file, and the ID-file can be copied, someone with such a file with an ever-lasting certificate could access the server even years after he left the company. So it's just another security measure.

Normally, the validity period is two years. After that period, Notes will start complaining. IMHO it is not good practice to take a much longer period, for the reasons I gave above. And what do these users complain about? It's only once every two years. What they should know is that they work for a company that values quality and security.

If I were the security manager of your company, I'd have asked you NOT to execute this idea...
thyetAuthor Commented:
Hi bosman,

thanks for your comments. According to them i was in the Admin client and, for testing, i've chosen a user (in people and groups) which certificate is going to expire. I clicked at right side "Recertify" and a pop up appears. I have two options, i've selected the first one and then i've searched the used id affected but ... next error appears, maybe i'm doing something wrong. See now the three pop us after clicking Recertify.

thyetAuthor Commented:
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Sjef BosmanGroupware ConsultantCommented:
You'd better read the Admin help database about how to recertify users.

About the popups:
- the Server is the registration server for the domain, most likely the main server
- the Certifier ID for a simple Domino environment is created when the environment was created, usually in cert.id
- the certifier is a separate ID-file, only suitable to (re)certify old and new people or servers
- the password is required to open the certifier ID-file

If you do NOT have the cert.id file AND the password, you can NOT recertify your users.
thyetAuthor Commented:
Thank you very much Bosman, really good explanation. I've found the cert.id together with the pass.


PS I'll take a look to the help as well.
Sjef BosmanGroupware ConsultantCommented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now