When Users Have Lost Their Devices with Client Certificates Installed

Article Number:02069
Intended audience: cybozu.cn Administrators

When users inform you that they have lost their device with a client certificate installed, you should take the following actions immediately to prevent unauthorized access to cybozu.cn.

  • Change the password of the user.
  • Revoke the client certificate.

STEP 1: Changing User Passwords

You can change the password for a particular user on the "Change User Information" screen.
Changing Passwords Individually

STEP2: Revoking the Client Certificate

As administrators can revoke only the client certificate that belongs to the device owner, other users will not be affected.

  1. Click the gear-shaped menu button in the header.

  2. Click Users & System Administration.

  3. Click Create & Download.
    Screenshot: "Create & Download" is highlighted

  4. In the search box, enter the display name or login name of the user to find the target user.
    You can also find the user by expanding the department tree.

  5. Click Valid. Screenshot: "Valid" is selected

  6. Select the checkbox for the target user.
    Screenshot: The checkbox of the target user is selected

  7. If necessary, change the expiration date of the client certificate to be reissued.
    By default, the date is set to one year later. Screenshot: The expiration date field is highlighted

  8. Select the "Revoke existing certificates before re-issuing them" checkbox. Screenshot: The "Revoke existing certificates before re-issuing them" checkbox is selected

  9. Click Create.
    The procedure to revoke the certificate installed on the lost device is complete.

When Revoking the Client Certificate

You cannot re-enable a revoked client certificate.
Reissue a client certificate and install it on the devices again.
Renewing Client Certificates on Devices

The notifications from mobile apps, such as kintone Mobile or KUNAI, using the Client Certificate Authentication will not be displayed on the devices.