[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 606
  • Last Modified:

Certificate expiration

Hi all,
recently all our users who work with Lotus Notes are receiving the next message:
"WARNING: Your certificate issued to Name Surname/Server by /Server will expire on 14/03/2010. Request a new certificate by choosing File - Tools - User ID - Certificate - Request Certificate"

as i know accessing through Lotus Administrator it is possible to "Recertify" these user ids longer. Could you tell me where and how in lotus administrator can this be done?
It is lotus administrator version 6.

thanks and regards
0
thyet
Asked:
thyet
  • 3
  • 3
1 Solution
 
Sjef BosmanGroupware ConsultantCommented:
When you recertify a user, the Admin client will ask you for the New certificate expiration date. You can modify that date.

If ALL your users need to be recertified, you could also open the Admin client, go to People & Groups, People, select all users, and click Recertify at the right. You could give them all the same date;

But, there is a reason why certificates expire after only 2 years. Since the certificate is in the ID-file, and the ID-file can be copied, someone with such a file with an ever-lasting certificate could access the server even years after he left the company. So it's just another security measure.

Normally, the validity period is two years. After that period, Notes will start complaining. IMHO it is not good practice to take a much longer period, for the reasons I gave above. And what do these users complain about? It's only once every two years. What they should know is that they work for a company that values quality and security.

If I were the security manager of your company, I'd have asked you NOT to execute this idea...
0
 
thyetAuthor Commented:
Hi bosman,

thanks for your comments. According to them i was in the Admin client and, for testing, i've chosen a user (in people and groups) which certificate is going to expire. I clicked at right side "Recertify" and a pop up appears. I have two options, i've selected the first one and then i've searched the used id affected but ... next error appears, maybe i'm doing something wrong. See now the three pop us after clicking Recertify.

Regards,
untitled1.JPG
0
 
thyetAuthor Commented:
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Sjef BosmanGroupware ConsultantCommented:
You'd better read the Admin help database about how to recertify users.

About the popups:
- the Server is the registration server for the domain, most likely the main server
- the Certifier ID for a simple Domino environment is created when the environment was created, usually in cert.id
- the certifier is a separate ID-file, only suitable to (re)certify old and new people or servers
- the password is required to open the certifier ID-file

If you do NOT have the cert.id file AND the password, you can NOT recertify your users.
0
 
thyetAuthor Commented:
Thank you very much Bosman, really good explanation. I've found the cert.id together with the pass.

Regards

PS I'll take a look to the help as well.
0
 
Sjef BosmanGroupware ConsultantCommented:
Great!!
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now