The one place for your designs
To enable design management, you'll need to meet the requirements. If you need help, reach out to our support team for assistance.
certificate reset by mail
Summary
I would like to propose a new feature named "certificate reset by mail". It has exactly the same steps as password reset by mail, but for certificate.
The feature is proposed for 1.9. if I have time, I'd like to make the feature available for 2.0 too
Design proposition
- User click the reset certificate button.
- He enters his mail.
- If mail is found in directory, a mail is sent with a link.
- The password click the link and comes back to portal
- The portal asks him to enter his certificate (base64 pem only)
- the certificate and a computed field are stored in two attributes defined by administrator
- a confirmation mail is sent.
Limitations
- no .p12 certificate accepted
- configuration key stored in lemonldap-ng.ini
- user can't use the reset password and reset certificate kinematics at the same time, because the session records a mail has been sent.
I'll be glad to hear about your comments if any.