When Users Have Lost Their Devices with Client Certificates Installed
When users inform you that they have lost their device with a client certificate installed, you should take the following actions immediately to prevent unauthorized access to cybozu.cn.
- Change the password of the user.
- Revoke the client certificate.
STEP 1: Changing User Passwords
You can change the password for a particular user on the "Change User Information" screen.
Changing Passwords Individually
STEP2: Revoking the Client Certificate
As administrators can revoke only the client certificate that belongs to the device owner, other users will not be affected.
-
Click the gear-shaped menu button in the header.
-
Click Users & System Administration.
-
Click Create & Download.
-
In the search box, enter the display name or login name of the user to find the target user.
You can also find the user by expanding the department tree. -
Click Valid.
-
Select the checkbox for the target user.
-
If necessary, change the expiration date of the client certificate to be reissued.
By default, the date is set to one year later. -
Select the "Revoke existing certificates before re-issuing them" checkbox.
-
Click Create.
The procedure to revoke the certificate installed on the lost device is complete.
When Revoking the Client Certificate
You cannot re-enable a revoked client certificate.
Reissue a client certificate and install it on the devices again.
Renewing Client Certificates on Devices
The notifications from mobile apps, such as kintone Mobile or KUNAI, using the Client Certificate Authentication will not be displayed on the devices.