{{ session.user.gn }} {{ session.user.sn }} ({{session.user.name }}) settings

Click to generate Android or iOS bundle for current user account.

Mails will be sent to: {{ session.user.mail }}

{% if session.authority %}

Authority certificate

Several things are hardcoded into the certificate and as such require complete reset of X509 infrastructure if some of them needs to be changed.

Authority settings

These can be reconfigured via /etc/certidude/server.conf on the server.

{% if session.authority.mailer %}

Mails will appear from: {{ session.authority.mailer.name }} <{{ session.authority.mailer.address }}>

{% else %}

E-mail disabled

{% endif %}

User enrollment: {% if session.authority.user_enrollment_allowed %} {% if session.authority.user_multiple_certificates %} multiple {% else %} single {% endif %} allowed {% else %} forbidden {% endif %}

Machine enrollment: {% if session.authority.machine_enrollment_allowed %} allowed {% else %} forbidden {% endif %}

Certificate attributes:

Server certificate lifetime: {{ session.authority.signature.server_certificate_lifetime }} days
Client certificate lifetime: {{ session.authority.signature.client_certificate_lifetime }} days
Revocation list lifetime: {{ session.authority.signature.revocation_list_lifetime }} seconds

Authenticated users allowed from: {% if not session.authority.user_subnets %} nowhere

{% elif "0.0.0.0/0" in session.authority.user_subnets %} anywhere

{% else %}

{{ i }}

{% endif %}

Authority administration is allowed from: {% if not session.authority.admin_subnets %} nowhere

{% elif "0.0.0.0/0" in session.authority.admin_subnets %} anywhere

{% else %}

{{ subnet }}

{% endif %}

Authority administration allowed for:

{{ user.given_name }} {{user.surname }}

Signed certificates

Following certificates have been signed:

{% for certificate in session.authority.signed | sort(attribute="signed", reverse=true) %} {% include "views/signed.html" %} {% endfor %}

Tokens

Tokens allow enrolling smartphones and third party devices.

You can issue yourself a token to be used on a mobile device
Enter username to issue a token to issue a token for another user
Enter e-mail address to issue a token to guest users outside domain

{% if session.authority %}

Pending requests

Use Certidude client to apply for a certificate. {% if not session.authority.request_subnets %} Request submission disabled. {% elif "0.0.0.0/0" in session.authority.request_subnets %} Request submission is enabled. {% else %} Request submission allowed from {% for subnet in session.authority.request_subnets %}{{ subnet }},{% endfor %}. {% endif %} {# if session.request_submission_allowed #} See here for more information on manual signing request upload. {# endif #} {% if session.authority.autosign_subnets %} {% if "0.0.0.0/0" in session.authority.autosign_subnets %} All requests are automatically signed. {% else %} Requests from {% for subnet in session.authority.autosign_subnets %} {{ subnet }}, {% endfor %} are automatically signed. {% endif %} {% endif %}

{% for request in session.authority.requests | sort(attribute="submitted", reverse=true) %} {% include "views/request.html" %} {% endfor %}

Revoked certificates

Following certificates have been revoked,for more information click here.

{% for certificate in session.authority.revoked | sort(attribute="revoked", reverse=true) %} {% include "views/revoked.html" %} {% endfor %}