[only relevant for IT admins] Trigger challenge emails RA-Portal
A "challenge email" contains a URL to the RA-Portal. When the email recipient follows the URL (in their browser) and logs into the RA-Portal, their email address is linked to their IdM username, in the RA-Portal database.
- For functional email addresses, only one challenge email is sent, this is addressed to the applicant and not to the functional email. As a result the functional email is associated with the user ID of the applicant in the RA-Portal. This person then sees also the functional email under "Meine Client-Zertifikate".
- For personal and official mailboxes, one challenge email is sent to the sender email address and one to each of its alias email address, as defined in RA-Portal.
- All challenges must be confirmed (redeemed) before a user certificate can be requested.
- No challenges are required for @rwth-aachen.de addresses. The mailbox owner is identified by the data provided by the RWTH Identity Management.
Under "Meine E-Mail-Domains" you can check if there are challenges pending or redeemed for email addresses within your domain. e.g.:
- Row 1: Personal mailbox, Status icon shows "linked", i.e. certificates may be requested as all challenges have been redeemed and are still valid. User has one revoked certificate.
- Row 2: Personal mailbox, Status is "not linked", i.e. challenges have been sent, but have not yet been redeemed (i.e. the user has not followed the received URL). User can not apply for a certificate.
- Row 3: Functional mailbox, Status icon shows "pause". Applicant email is missing. No challenge can be sent (envelope icon missing). Row could still be deleted.
- Row 4: Functional mailbox, Status icon shows "pause". Applicant email is present. No challenge has been sent. Row could still be deleted.
By clicking on the Status icon (green or red chain link) you see when the challenge emails were sent, and which ones have been redeemed.
When sending a challenge email, the following information is displayed: