Certificate policies allow certificates to be used as an alternative method of user authentication that does not require a physical product, and is available for selection as an authenticator for logon steps.
The policy can be found by navigating to "Administration | Policies", then scrolling down to the policy "Certificate system policies";
The certificate system policy settings can be edited by using the context menu option "Edit";
A new window will now open titled "Policy - Edit" that can be used to view and edit the policy settings for this policy;
The category for this policy is "Certificate" (this property cannot be edited). |
|
The holder of this policy is "System" (this property cannot be edited). |
|
The name assigned to identify the lockout system policy by the System Administrator. |
|
The System Administrator may use this field to annotate this policy.
|
|
This option allows the System Administrator to enable or disable this policy. |
|
The validity period (in days) for the certificate.
|
|
- Accept
Accept request for certificate.
- Deny
Deny request for certificate.
|
|
This option defines whether to store external user's certificate in LDAP.
|
|
|
|
The expandable section provides certificate activation related parameters as follows;
Certificate Activation
- Automatically activate the certificate when created or assigned
When the certificate is created or assigned to the user it will be automatically activated.
- Send Activation Code to the user when created or assigned
When the certificate is created or assigned to the user an activation code will be sent to the user.
- Do Nothing
When the certificate is created or assigned to the user the certificate will not be activated and no activation code will be sent to the user.
|
|
This option defines whether users are allowed to request activation code or not. |
|
This parameter is used to customise the contact message that is sent to the user providing instructions on how to activate their certificate. |
|
|
|