Editing The Token; Listing Token Certificates - Red Hat CERTIFICATE SYSTEM 7.2 - AGENT GUIDE Manual

To change the status, select the menu item, and click Go.

3.2. Editing the Token

Clicking the Edit button opens up a page listing the token owner UID, the token CUID, the token status, and the token
policy. Agents can edit one field for a token in this page, setting the policy that is in effect.
The two supported token policies are RE_ENROLL, which allows a user to re-enroll certificates with the same token, and
PIN_RESET which allows the token user to initiate a PIN reset operation. The values for both of these are either YES or
NO. Both policies can be set by separating them with a semi-colon. For example, to allow the user to reset his PIN but to
disallow re-enrolling with the same token, the policy would be as follows:
RE_ENROLL=NO;PIN_RESET=YES
NOTE
If the PIN_RESET policy is not set, then user-initiated PIN resets are allowed by default. If the policy is present
and is changed from NO to YES, then a PIN reset can be initiated by the user once; after the PIN is reset, the
policy value automatically changes back to NO.
More token information can be modified through the Administrator Operations tab.

3.3. Listing Token Certificates

Clicking the Show Certificates button in the token details page returns a list of all certificates stored on that token and in-
formation such as certificate ID, certificate type, and serial number.
3.2. Editing the Token
Figure 8.6. Agent Edit Page
58 Chapter 8. TPS: Agent Services