Renew virtual smart card
On a configurable interval (using batch synchronization), Identity Manager runs an expiry check to detect all virtual smart card certificates that will expire within the coming period.
Standard workflow
| Actor | Action | Option | |
|---|---|---|---|
| 1 | Identity Manager | Identity Manager automatically runs the Expiry check. Certificates that will expire in the coming period will be detected. Each user will receive an email with instruction for renewal. | - |
| 2 | Virtual smart card user | Logs in to the Smart ID Self-Service. Checks the open tasks to renew virtual smart card. Clicks Start renewal. | - |
| 3 | Identity Manager | Removes expired authentication and signing certificates from the card. Keeps and reuses old encryption certificates. | - |
| 4 | Smart ID Desktop App | Starts and activates a new smart card profile. | - |
| 5 | Virtual smart card user | In Smart ID Desktop App: Enters a PIN. Confirm the PIN entry. | - |
| 6 | Smart ID Desktop App | Creates key pairs on the trusted platform module (TPM). | - |
| 7 | CA | Issues certificates. The certificates are stored in Identity Manager and on the TPM. | - |
| 8 | Virtual smart card user | In Smart ID Desktop App: Confirms the new certificates. | - |
| 9 | Identity Manager | In Smart ID Self-Service: Displays the new virtual smart card in Cards tab and the new certificates in the Certificates tab. | - |
Technical reference
- PcmProcRenewVirtualSmartcard
Sub-processes
- PcmSubProcCreationOfVSC
- PcmProcChangeStateOfCertificatesSuperseded