Common certificates are used in the scenario when a certificate issued outside the Axidian CertiFlow system is to be written to smart cards of multiple users via Axidian CertiFlow facilities.
The following restrictions are in force for common certificates:
- Common certificates cannot be suspended or revoked. Their update is only possible via deleting an older PFX and adding a new one.
- Common certificates are not published in Active Directory, file storage and application base. They are also not placed to user certificate storage via Axidian CertiFlow facilities.
- Sending e-mail notifications for the event Common certificates expiring is setting in the Administrator notifications item. Distribution occurs when 10% is reached before the certificate expires. For expired certificates, notifications stop sending.
The notification is available only to administrators, as it is tied to smart cards usage policy, and not to the smart card itself.
To Add common certificate to smart cards usage policy, select a PFX file, specify the password for access to file contents and click Add.
When Optional certificate option is enabled, common certificate is offered to be written to a smart card upon issuing or updating. If the option is disabled, the certificate is written to a smart card without prompting.