If a person's laptop is lost or stolen, or the software tokens have been compromised, then all active software tokens can be replaced.
Standard workflow
|
|
Actor |
Action |
Option |
|---|---|---|---|
|
1 |
Software token user |
In Smart ID Self-Service: Clicks on Replace softtoken. In the displayed form, clicks Confirm. |
- |
|
2 |
Identity Manager |
Revokes all valid software tokens. Displays a form with an option to recover encryption certificate software tokens. |
- |
|
3 |
Software token user |
Optional: Clicks Search and selects one or more encryption certificate software tokens to be recovered. |
- |
|
4 |
CA |
Recovers any selected encryption certificates and issues new certificates for all other software tokens. |
- |
|
5 |
Identity Manager |
Generates and displays passphrases for the certificates in Open Tasks, and shows the software token in Certificates. |
- |
|
6 |
Software token user |
For each software token, receives an email with the certificate attached in a PKCS#12 container and instructions on how to install the certificate locally. |
- |
Technical references
-
PstmProcReplaceSofttokenUSSP
Sub-processes:
-
PstmSubProcReplaceSofttokenUSSP
-
PstmProcSubStartSoftwareTokenRequest
-
PstmProcSubRequestSoftwareToken