27.3 Certificate renewal checks
Before MyID generates a request for a certificate renewal, it checks whether the credential profile has the Require user data to be approved option set; if so, MyID checks the following:
- The person who will receive the certificate renewal has their User Data Approved flag set to Yes.
- The certificate being renewed has a renewal date within the person's vetting date validity period. This renewal date is the either the certificate's expiry date or, if set, the explicit renewal date set in the Issued Certificates workflow, whichever is earlier.
If either of these checks fails, MyID does not generate the certificate request; optionally, you can configure MyID to generate email notifications that inform the person that they are not permitted to receive a certificate renewal; see section 27.5, Configuring the identity check email notifications.