6.5 Certificate reasons
When you carry out any action in MyID that can affect the state of certificates (for example, disabling a card, requesting a replacement card, or canceling a card) you are required to specify a reason for the change.
In some cases, a certificate may be a shared certificate – an archived certificate that exists on multiple devices.
This reason will affect how MyID updates the status of the certificates, what certificates are stored on the replacement card (if applicable) and what happens with archived certificates. The reason selected may affect shared certificates; for example, if the user has a mobile credential canceled that has a copy of an encryption certificate from a card, a card update job may be created to issue or recover a new encryption certificate onto all devices that have a copy of the shared certificate that is being revoked.
The list of available reasons depends both on the workflow and on your system configuration. Some reasons are generated by automatic processes – you will not see them in the user interface, but they will appear in the audit record.
6.5.1 Certificate reasons reference
This section lists each reason that you can specify, and details what happens to the card and its certificates in each case.
6.5.1.1 Lost
Current card: |
Canceled. |
Archived certificate on the current card: |
Revoked. |
Non-archived certificate on the current card: |
Revoked. |
Archived certificate on the replacement card: |
New certificate created. |
Non-archived certificate on the replacement card: |
New certificate created. |
Expiry date: |
Inherited from original card. |
Historic certificates: |
Attempt to recover certificates, if the device supports historic certificates. |
6.5.1.2 Damaged
Current card: |
Canceled. |
Archived certificate on the current card: |
Non-PIV systems: Active. PIV systems: Revoked. |
Non-archived certificate on the current card: |
Revoked. |
Archived certificate on the replacement card: |
Non-PIV systems: Original certificate recovered. PIV systems: New certificate created. |
Non-archived certificate on the replacement card: |
New certificate created. |
Expiry date: |
Inherited from original card. |
Historic certificates: |
None. |
6.5.1.3 Stolen
Current card: |
Canceled. |
Archived certificate on the current card: |
Revoked. |
Non-archived certificate on the current card: |
Revoked. |
Archived certificate on the replacement card: |
New certificate created. |
Non-archived certificate on the replacement card: |
New certificate created. |
Expiry date: |
Inherited from original card. |
Historic certificates: |
Attempt to recover certificates, if the device supports historic certificates. |
6.5.1.4 Forgotten
Current card: |
Disabled. |
Archived certificate on the current card: |
Active. |
Non-archived certificate on the current card: |
Suspended. |
Archived certificate on the replacement card: |
Original certificate recovered. |
Non-archived certificate on the replacement card: |
New certificate created. |
Expiry date: |
Inherited from original card. |
Historic certificates: |
Attempt to recover certificates, if the device supports historic certificates. |
6.5.1.5 Permanently Blocked
Current card: |
Canceled. |
Archived certificate on the current card: |
Non-PIV systems: Active. PIV systems: Revoked. |
Non-archived certificate on the current card: |
Revoked. |
Archived certificate on the replacement card: |
Non-PIV systems: Original certificate recovered. PIV systems: New certificate created. |
Non-archived certificate on the replacement card: |
New certificate created. |
Expiry date: |
Inherited from original card. |
Historic certificates: |
None. |
6.5.1.6 Compromised
Current card: |
Canceled. |
Archived certificate on the current card: |
Revoked. |
Non-archived certificate on the current card: |
Revoked. |
Archived certificate on the replacement card: |
New certificate created. |
Non-archived certificate on the replacement card: |
New certificate created. |
Expiry date: |
Inherited from original card. |
Historic certificates: |
Attempt to recover certificates, if the device supports historic certificates. |
6.5.1.7 Device holder on leave
Current card: |
Disable temporarily |
Archived certificate on the current card: |
No action |
Non-archived certificate on the current card: |
Suspend |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
No action |
Historic certificates: |
No action |
6.5.1.8 Pending Investigation
Current card: |
Disabled. |
Archived certificate on the current card: |
Active. |
Non-archived certificate on the current card: |
Suspended. |
Archived certificate on the replacement card: |
Original certificate recovered. |
Non-archived certificate on the replacement card: |
New certificate created. |
Expiry date: |
Inherited from original card. |
Historic certificates: |
None. |
6.5.1.9 Non-payment of services
Current card: |
Disable permanently |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
No action |
Historic certificates: |
Revoke |
6.5.1.10 Device holder leaving or changing role
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
No action |
Historic certificates: |
Revoke |
6.5.1.11 Device holder details change
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
Issue new |
Non-archived certificate on the replacement card: |
Issue new |
Expiry date: |
Set new date |
Historic certificates: |
Revoke |
6.5.1.12 Pending Activation
Current card: |
Disable |
Archived certificate on the current card: |
No action |
Non-archived certificate on the current card: |
Suspend |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
No action |
Historic certificates: |
No action |
6.5.1.13 Revocation (other)
Current card: |
Canceled. |
Archived certificate on the current card: |
Revoked. |
Non-archived certificate on the current card: |
Revoked. |
Archived certificate on the replacement card: |
New certificate created. |
Non-archived certificate on the replacement card: |
New certificate created. |
Expiry date: |
Inherited from original card. |
Historic certificates: |
Attempt to recover certificates, if the device supports historic certificates. |
6.5.1.14 Suspension (other)
Current card: |
Disabled. |
Archived certificate on the current card: |
Active. |
Non-archived certificate on the current card: |
Suspended. |
Archived certificate on the replacement card: |
Original certificate recovered. |
Non-archived certificate on the replacement card: |
New certificate created. |
Expiry date: |
Inherited from original card. |
Historic certificates: |
None. |
6.5.1.15 Found Original
Current card: |
Cancel replacement card permanently |
Archived certificate on the current card: |
Recover to original |
Non-archived certificate on the current card: |
Recover to original |
Archived certificate on the replacement card: |
No action |
Non-archived certificate on the replacement card: |
No action |
Expiry date: |
No action |
Historic certificates: |
No action |
6.5.1.16 Original Device Compromised
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
n/a |
Historic certificates: |
Revoke |
6.5.1.17 Request device Renewal
Current card: |
No action. |
Archived certificate on the current card: |
No action. |
Non-archived certificate on the current card: |
Revoked. |
Archived certificate on the replacement card: |
New certificate created. |
Non-archived certificate on the replacement card: |
New certificate created. |
Expiry date: |
New expiry date calculated from the date of issuance plus the lifetime of the card. |
Historic certificates: |
Attempt to recover certificates, if the device supports historic certificates. |
6.5.1.18 Batch Failed
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
Issue new |
Non-archived certificate on the replacement card: |
Issue new |
Expiry date: |
Set new date |
Historic certificates: |
Revoke |
6.5.1.19 Bureau Failure
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
Issue new |
Non-archived certificate on the replacement card: |
Issue new |
Expiry date: |
Set new date |
Historic certificates: |
Revoke |
6.5.1.20 Processing Failure
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
No action |
Archived certificate on the replacement card: |
Issue new |
Non-archived certificate on the replacement card: |
Issue new |
Expiry date: |
Set new date |
Historic certificates: |
Revoke |
6.5.1.21 Poor print quality
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
Issue new |
Non-archived certificate on the replacement card: |
Issue new |
Expiry date: |
Set new date |
Historic certificates: |
Revoke |
6.5.1.22 Printing misaligned
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
Issue new |
Non-archived certificate on the replacement card: |
Issue new |
Expiry date: |
Set new date |
Historic certificates: |
Revoke |
6.5.1.23 Poor lamination quality
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
Issue new |
Non-archived certificate on the replacement card: |
Issue new |
Expiry date: |
Set new date |
Historic certificates: |
Revoke |
6.5.1.24 Incorrect layout printed
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
Issue new |
Non-archived certificate on the replacement card: |
Issue new |
Expiry date: |
Set new date |
Historic certificates: |
Revoke |
6.5.1.25 Cancel device and leave Certificates
Current card: |
Cancel |
Archived certificate on the current card: |
No action |
Non-archived certificate on the current card: |
No action |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
No action |
Historic certificates: |
No action |
6.5.1.26 Cancel Certificates and leave device
Current card: |
No action |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
n/a |
Historic certificates: |
Revoke |
6.5.1.27 Derived Credential Notification Listener
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
n/a |
Historic certificates: |
Revoke |
6.5.1.28 Compromised – Reissue Shared Certificates
Current card: |
Cancel |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
Issue new |
Non-archived certificate on the replacement card: |
Issue new |
Shared certificate on other devices |
Issue new |
Expiry date: |
Set new date |
Historic certificates: |
Revoke |
6.5.1.29 Credential Profile Update (full revocation)
Current card: |
Update or Reprovision (depends on workflow) |
Archived certificate on the current card: |
Revoke |
Non-archived certificate on the current card: |
Revoke |
Archived certificate on the replacement card: |
Issue new |
Non-archived certificate on the replacement card: |
Issue new |
Expiry date: |
Set new date |
Historic certificates: |
Revoke |
6.5.1.30 Credential Profile Update (no revocation)
Current card: |
Update or Reprovision (depends on workflow) |
Archived certificate on the current card: |
Leave |
Non-archived certificate on the current card: |
Leave |
Archived certificate on the replacement card: |
Leave |
Non-archived certificate on the replacement card: |
Leave |
Expiry date: |
Leave |
Historic certificates: |
Leave |
6.5.1.31 Details Change – re-issue archived certificates
Current card: |
Reprovision |
Archived certificate on the current card: |
Revoke, and issue new |
Non-archived certificate on the current card: |
Do not revoke, and issue new |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
Leave |
Historic certificates: |
Recover |
6.5.1.32 User details have changed
Current card: |
Reprovision |
Archived certificate on the current card: |
Do not revoke, and issue new |
Non-archived certificate on the current card: |
Revoke, and issue new |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
Leave |
Historic certificates: |
Recover |
6.5.1.33 There is a problem with the device
Current card: |
Reprovision |
Archived certificate on the current card: |
Do not revoke, and issue new |
Non-archived certificate on the current card: |
Revoke, and issue new |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
Leave |
Historic certificates: |
Recover |
6.5.1.34 New credential profile needs to be applied
Current card: |
Reprovision |
Archived certificate on the current card: |
Do not revoke, and issue new |
Non-archived certificate on the current card: |
Revoke, and issue new |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
Leave |
Historic certificates: |
Recover |
6.5.1.35 New certificates need to be added to the device
Current card: |
Update |
Archived certificate on the current card: |
Do not revoke, and issue new – for certificates affected by the update only |
Non-archived certificate on the current card: |
Revoke, and issue new – for certificates affected by the update only |
Archived certificate on the replacement card: |
n/a |
Non-archived certificate on the replacement card: |
n/a |
Expiry date: |
Leave |
Historic certificates: |
Recover |
6.5.1.36 Device Replacement (Delayed Cancellation)
Current card: |
Canceled. |
Archived certificate on the current card: |
Revoked. |
Non-archived certificate on the current card: |
Revoked. |
Archived certificate on the replacement card: |
New certificate created. |
Non-archived certificate on the replacement card: |
New certificate created. |
Expiry date: |
Inherited from original card. |
Historic certificates: |
Attempt to recover certificates, if the device supports historic certificates. |