Certificate expiration

Posted on 2010-01-07
Last Modified: 2013-12-18
Hi all,
recently all our users who work with Lotus Notes are receiving the next message:
"WARNING: Your certificate issued to Name Surname/Server by /Server will expire on 14/03/2010. Request a new certificate by choosing File - Tools - User ID - Certificate - Request Certificate"

as i know accessing through Lotus Administrator it is possible to "Recertify" these user ids longer. Could you tell me where and how in lotus administrator can this be done?
It is lotus administrator version 6.

thanks and regards
Question by:thyet
    LVL 46

    Expert Comment

    by:Sjef Bosman
    When you recertify a user, the Admin client will ask you for the New certificate expiration date. You can modify that date.

    If ALL your users need to be recertified, you could also open the Admin client, go to People & Groups, People, select all users, and click Recertify at the right. You could give them all the same date;

    But, there is a reason why certificates expire after only 2 years. Since the certificate is in the ID-file, and the ID-file can be copied, someone with such a file with an ever-lasting certificate could access the server even years after he left the company. So it's just another security measure.

    Normally, the validity period is two years. After that period, Notes will start complaining. IMHO it is not good practice to take a much longer period, for the reasons I gave above. And what do these users complain about? It's only once every two years. What they should know is that they work for a company that values quality and security.

    If I were the security manager of your company, I'd have asked you NOT to execute this idea...

    Author Comment

    Hi bosman,

    thanks for your comments. According to them i was in the Admin client and, for testing, i've chosen a user (in people and groups) which certificate is going to expire. I clicked at right side "Recertify" and a pop up appears. I have two options, i've selected the first one and then i've searched the used id affected but ... next error appears, maybe i'm doing something wrong. See now the three pop us after clicking Recertify.


    Author Comment

    LVL 46

    Accepted Solution

    You'd better read the Admin help database about how to recertify users.

    About the popups:
    - the Server is the registration server for the domain, most likely the main server
    - the Certifier ID for a simple Domino environment is created when the environment was created, usually in
    - the certifier is a separate ID-file, only suitable to (re)certify old and new people or servers
    - the password is required to open the certifier ID-file

    If you do NOT have the file AND the password, you can NOT recertify your users.

    Author Closing Comment

    Thank you very much Bosman, really good explanation. I've found the together with the pass.


    PS I'll take a look to the help as well.
    LVL 46

    Expert Comment

    by:Sjef Bosman

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    For users on the Lotus Notes 8 Standard client, this article provides information on checking the Java Heap size and adjusting it to half of your system RAM in attempt to get the Lotus Notes 8.x Standard client to run faster.  I've had to exercise t…
    This is an old article, please see an updated version of this article, located here:
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now