13.3 Customizing certificate file names

When you save a soft certificate .pfx file to your PC or to a USB drive, MyID automatically creates a file name in the following format:

<LogonName> <PolicyName>.pfx

where:

For example:

Susan.Smith PIVSigning (2).pfx

To customize the format of these automatically-generated certificate file names, you must edit the appsettings.Production.json file of the rest.provision web service:

  1. As an administrator, open the appsettings.Production.json file in a text editor.

    By default, this is:

    C:\Program Files\Intercede\MyID\rest.provision\appsettings.Production.json

    This file is the override configuration file for the appsettings.json file for the web service. If this file does not already exist, you must create it in the same folder as the appsettings.json file.

  2. In the MyID section, edit the CertificateFileName section.

    If this section does not exist, you must add it.

    The format is:

    {
      "MyID": {
        ...
        "CertificateFileName": {
          "default": "[[People.LogonName]] [[PolicyName]]"
        },
        ...
      }
    }  

    You can use the following substitutions:

    • [[People.FieldName]] – where FieldName is the name of a field in the vPeopleUserAccounts view in the MyID database.

      For example:

      [[People.LogonName]]

      [[People.GroupName]]

    • [[PolicyName]] – the friendly name for the policy.

    • [[DateTime.Format]] – where Format is the date and time format you want to use.

      Sample codes:

      • yyyy – year; for example, 2021.

      • MM – two-digit month; for example, 09.

      • MMM – short month; for example, Sep.

      • MMMM – full month; for example, September.

      • dd – two-digit day; for example, 02.

      • HH – hour in 24-hour clock; for example, 23.

      • hh – hour in 12-hour clock; for example, 11.

      • mm – minutes; for example, 29.

      • ss – seconds; for example, 45.

      You can use - to separate the components of the date and time. Do not use : or / as this causes errors when creating the filename. Any characters you use must be valid for filenames.

      Examples:

      • [[DateTime.yyyy-MM-dd]]

      • [[DateTime.yyyy-MM-dd HHmm]]

      Note: Times are in UTC.

    • [[RandomNumber.####]] – adds a random number to the file name. The number of digits in the random number is determined by the number of # signs you include.

  3. Save the appsettings.Production.json file.
  4. Recycle the web service app pool:

    1. On the MyID web server, in Internet Information Services (IIS) Manager, select Application Pools.
    2. Right-click the myid.rest.provision.pool application pool, then from the pop-up menu click Recycle.

    This ensures that the web service has picked up the changes to the configuration file.

13.3.1 File name formats for individual certificate policies

You can also specify custom formats for individual certificate policies.

In the CertificateFileName section, add a section for each certificate policy. Any policy not listed uses the default format.

{
  "MyID": {
    ...
    "CertificateFileName": {
      "default": "[[People.LogonName]] [[PolicyName]]",
      "policy": [
        {
          "name": "PolicyFriendlyName",
          "fileName": "FilenameFormat"
        }
      ]
    },
    ...
  }
}  

where:

You can create multiple name/fileName pairs within the policy node; for example:

"policy": [
  {
    "name": "PolicyFriendlyName",
    "fileName": "FilenameFormat"
  },
  {
    "name": "PolicyFriendlyName 2",
    "fileName": "FilenameFormat 2"
  }  
]

13.3.2 Example custom file name format

For example:

"CertificateFileName": {
  "default": "[[People.LogonName]] [[PolicyName]] [[DateTime.yyyy-MM-dd HHmm]]",
  "policy": [
    {
      "name": "PIVSigning (2)",
      "fileName": "[[People.LogonName]] Signing Certificate [[DateTime.yyyy-MM-dd HHmm]] [[RandomNumber.########]]"
    },
    {
      "name": "PIVEncryption (2)",
      "fileName": "[[People.LogonName]] Encryption Certificate [[DateTime.yyyy-MM-dd HHmm]]"
    }
  ]
},

This example uses a default format that includes the person's logon name, the policy friendly name, and the date and time the certificate was issued.

It also specifies a custom format for the PIVSigning (2) certificate policy that replaces the friendly name with the words "Signing Certificate" and adds an eight-digit random number, and a custom format for PIVEncryption (2) that replaces the friendly name with the words "Encryption Certificate".

Example filenames produced by this format are:

  • Susan.Smith PIVCardAuthentication (2) 2023-06-30 1341.pfx

  • Susan.Smith Encryption Certificate 2023-06-30 1341.pfx

  • Susan.Smith Signing Certificate 2023-06-30 1341 37593128.pfx
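
The following check is an added example, not part of MyID or the original documentation: it lints the CertificateFileName formats before you recycle the app pool, flagging substitutions other than the four listed above and characters that are not valid in Windows file names. The function names, the sample configuration and the rule that a People field name is a single word are assumptions made for illustration; the script cannot confirm that a field exists in the vPeopleUserAccounts view.

```python
import json
import re

# Printable characters Windows rejects in file names; the page singles out ':' and '/'.
INVALID_CHARS = set('<>:"/\\|?*')
TOKEN = re.compile(r"\[\[(.*?)\]\]")

def lint_template(template):
    """Return a list of problems found in one file name format string."""
    problems = []
    for body in TOKEN.findall(template):
        kind, _, arg = body.partition(".")
        if body == "PolicyName" or (kind == "People" and re.fullmatch(r"\w+", arg)):
            continue
        if kind == "RandomNumber" and arg and set(arg) == {"#"}:
            continue
        if kind == "DateTime" and arg:
            bad = sorted(INVALID_CHARS & set(arg))
            if bad:
                problems.append(f"[[{body}]]: invalid file name characters {bad}")
            continue
        problems.append(f"[[{body}]]: unrecognised substitution")
    literal = TOKEN.sub("", template)
    bad = sorted(INVALID_CHARS & set(literal))
    if bad:
        problems.append(f"literal text: invalid file name characters {bad}")
    if "[[" in literal or "]]" in literal:
        problems.append("unbalanced [[ ]] brackets")
    return problems

def lint_config(cfg):
    """Map 'default' and each policy name to the problems in its format."""
    section = cfg["MyID"]["CertificateFileName"]
    results = {"default": lint_template(section.get("default", ""))}
    for entry in section.get("policy", []):
        results[entry["name"]] = lint_template(entry["fileName"])
    return results

# Constructed sample: the second policy entry uses '/' and ':' in its DateTime format.
SAMPLE = json.loads('''{"MyID": {"CertificateFileName": {
  "default": "[[People.LogonName]] [[PolicyName]]",
  "policy": [
    {"name": "PIVSigning (2)", "fileName": "[[People.LogonName]] Signing Certificate [[DateTime.yyyy-MM-dd HHmm]] [[RandomNumber.########]]"},
    {"name": "PIVEncryption (2)", "fileName": "[[People.LogonName]] [[DateTime.yyyy/MM/dd HH:mm]]"}
  ]}}}''')

if __name__ == "__main__":
    for name, problems in lint_config(SAMPLE).items():
        print(name, "->", problems or "ok")
```

To check a real file, load appsettings.Production.json with json.load and pass the result to lint_config; json.load also rejects malformed JSON such as a trailing comma after the last policy entry.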