Skip to main content
Version: Axidian CertiFlow 7.2

Update

You need to update a card in the following cases:

  • The validity period for one or more certificates has expired or is about to expire
  • You have assigned a new policy to a user
  • You have written certificates to a card outside Axidian CertiFlow
  • You have updated policy settings:
    • The number of certificate templates has changed
    • Tracked user attributes in certificate templates have been modified
    • Common certificates have been added or removed
    • At least one optional certificate is configured
    • Integration with Axidian Access has been enabled or disabled

Assigning a user a new policy triggers the following changes during a card update:

  1. Axidian CertiFlow removes certificates configured in the current policy but not in the new one.
  2. Certificates configured in the new policy but missing from the current one are written to the card.
  3. Certificates common to both policies remain unchanged.

Update a card

  1. In the Management Console side panel, go to the Users section and find the required user.

  2. Open the user's profile, select the required card and click Update in the card menu.

    tip

    If you do not have access to the card, assign a task to the client agent: enable the Update card on agent option.

  3. Connect the card to the workstation

  4. Select the templates for the certificates to be generated and written to the card. Axidian CertiFlow writes mandatory certificates to the card automatically.

  5. Enter the user PIN.

  6. If a card contains third-party certificates, Axidian CertiFlow can detect them and record information about these certificates in the database. Select the certificates and click OK.

    The certificates window is displayed if you enable the Search for certificates when card is issued or updated to track validity period option in policy settings (WorkflowGeneral).

  7. Click Update.

  8. Click Close after the card update operation completes.

Documents check

A card update operation can be suspended if your company’s regulations require the documents to be verified and approved in the Certification Authority (CA) before you obtain your certificates.

Configure the following settings in Axidian CertiFlow to verify the certificate renewal request in the CA:

  1. Open the Configuration section and navigate to policy settings.
  2. Go to PKI settings, select the required CA and open the Templates section.
  3. Clear the Accept signed certificate renewal request automatically option.

In the card update window, you can see this message: Card update pending. The card has Pending status. This means that your card update request is awaiting approval.

If the certificate request is approved in the CA, it gets the Approved status and is written on the card. Open the card menu and click Continue card update.

If the request is rejected, you can perform the following operations:

If you have configured email notifications, you will receive an email with the approval status notification – Card update approved or Card update rejected. If notifications are not configured, wait for the Continue card update option to appear in the card menu.

info

The CA settings can restrict automatic certificate renewal and allow renewal only for currently valid certificates. In such cases, the Accept signed certificate renewal request automatically option in Axidian CertiFlow does not regulate the automatic certificate renewal process.

Cancel update

You can cancel a card update operation if the Cancel card update option is enabled in policy settings (WorkflowAdministrator Permissions).

To cancel a card update:

  1. In the card menu, select Cancel update.
  2. Enter the User PIN.
  3. Connect the card and click Cancel update.
tip

If you do not have access to the card, assign a task to the client agent: enable the Cancel update on agent option.

Allow users update cards in the Self-Service

You can allow or prevent users from updating their card in the Self-Service. To configure the permission:

  1. Open the Configuration section and navigate to policy settings.
  2. Go to WorkflowUser PermissionsIssued card operations.
  3. Enable the Update option.