Working with PKI/SKI/OATH Credentials

You can perform a variety of actions on PKI PKI describes the laws, policies, standards, and software that regulate or manipulate certificates and public and private keys., SKI Symmetric Key Infrastructure or OATH Open Authentication credentials.

  • Suspend (PKI and OATH)

  • Revoke (PKI, SKI and OATH)

  • View Certificate (PKI)

  • Hold (SKI and OATH)

  • Resume (SKI and OATH)

  • Set Password (SKI)

  • Resynchronize (SKI)

  • Unlock (SKI)

  • Get User (SKI)

  • Information (SKI)

  • Get Authentication Logs (SKI)

The specific action(s) available for a credential depend on the status of the credential. These actions are application-specific, depending on whether it is a PKI, SKI or an OATH credential.

  • An ACTIVE credential can be used. You can hold or revoke the credential.

  • When a credential is REVOKED, it can no longer be used or re-activated.

  • A credential with the HOLD status cannot be used, but it can be resumed (which is a re-activation of its status).

    • Note: Credentials with the HOLD status can also be revoked in the Help Desk.

  1. Go to the Help Desk Overview page.

  2. In the Cards, Virtual Smart Cards, Mobile App Certificates, or YubiKeys section, in the Action column of the Applications section, click the action for the credential you want to manage.

    For example, if you click Suspend, then the following Perform Process page appears:

  3. Click Submit.

    ActivID CMS notifies the CA The Certificate Authority (CA) issues and manages security credentials and public keys for message encryption in a networks environment. (for a PKI credential) or the ActivID AAA Server (for a SKI credential) or the ActivID Authentication Server (for an OATH credential). The following list describes the status of the credential for different actions:

    • For a Suspend action, the credential is put on Hold in the CA or ActivID AAA Server or ActivID Authentication Server. The user cannot use the credential, but it is still present in the CA or ActivID AAA Server or ActivID Authentication Server.

    • For a Revoke action, the credential is revoked in the CA or ActivID AAA Server or ActivID Authentication Server (which means that the user can never use the credential again).

    • For a Resume action, a credential put on Hold is set to an Active state in the CA or ActivID AAA Server or ActivID Authentication Server (which means that the user can use the credential again).

    • For a View Certificate action, the View Certificate page appears:

      • The certificate data is available on the screen. Click the Click here to download the certificate link to download the certificate as a file.

      • Click Done.

    4. When the action is completed, the Help Desk Overview page reappears.