Hi SKFS comes with a policy module that helps control a lot of parameters for FIDO registration and authentication. The default policy installed till SKFS 4.16 has a default end date of Oct 10th, 2025 which is today. If an deployed SKFS has started throwing errors which say "No policy found", it means that the policy is no longer valid and you need to update the policy with the desired end date. To update the policy, perform the following steps: 1) Log into the SKFS as 'strongkey; user. 2) Follow...
Updating SourceForge SKFS sampleapps to v4.17.0
Updating SourceForge SKFS to v4.17.0
Updating SourceForge SKFS to v4.17.0
unnecessary change to see if branch shows up in SF GUI
Updated links in readme
Updating SourceForge SKFS sampleapps to v4.16.0
Updating SourceForge SKFS to v4.16.0
Hi Desmond, Thank you for raising this concern. Arshad has reached out to us to help resolve the issue. We are happy to report that our certificate on the FIDO metadata service has been repaired and is working correctly now. You should be able to use the OneSpan Digipass FX7 device withthe StrongKey services properly now.
Excellent! Glad things worked out. Don't need to thank me - the actual work was done by colleagues in identifying the problem - I just did the communication work. Have a good weekend.
Hi Arshad, I followed your instructions to disable to MDS check, I was able to register and authenticate successfully. Thanks so much for your help! ;)
Hi Arshad, I followed your instructions to disable to MDS check, I was able to register and login successfully. Thanks so much for your help! ;)
Hi Arshad, appreciate your prompt reply. I will try your SKFS in my local setup with the configuration suggested. Will keep you posted on the outcome. Many thanks! :)
Desmond, Here is the problem. Of the 332 entries in the FIDO Alliance Metadata Services (MDS), the entry corresponding to the attestation certificate of OneSpan's authenticator is the ONLY one that has an invalid character in it: AAGUID: 30b5035e-d297-4ff1-b00b-addc96ba6a98 contains : YES "\tMIICojCCAkigAwIBAgIUVn2bWvs0Kl27jgwu1cLl8PxDo34wCgYIKoZIzj0EAwIwgacxCzAJBgNVBAYTAkJFMRAwDgYDVQQIDAdCcmFiYW50MRgwFgYDVQQHDA9TdHJvbWJlZWstQmV2ZXIxEDAOBgNVBAoMB09uZVNwYW4xIjAgBgNVBAsMGUF1dGhlbnRpY2F0b3IgQXR0ZXN0YXRpb24xDDAKBgNVBAMMA0NYMTEoMCYGCSqGSIb3DQEJARYZam9oYW4udmVycmVwdEBvbmVzcGFuLmNvbTAeFw0yMjEyMDIxMTQ1MjhaFw0zMjExMjkxMTQ1MjhaMIGnMQswCQYDVQQGEwJCRTEQMA4GA1UECAwHQnJhYmFudDEYMBYGA1UEBwwPU3Ryb21iZWVrLUJldmVyMRAwDgYDVQQKDAdPbmVTcGFuMSIwIAYDVQQLDBlBdXRoZW50aWNhdG9yIEF0dGVzdGF0aW9uMQwwCgYDVQQDDANDWDExKDAmBgkqhkiG9w0BCQEWGWpvaGFuLnZlcnJlcHRAb25lc3Bhbi5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARfH/AnC2HAV2B44SbfoSMegBQ2Uxa+SlYhp8YGeEolvaMSTTSMVEg2qalHPCwc20WftsHGWIDPauB4ny77Rfqyo1AwTjAdBgNVHQ4EFgQUwD45b6V2a+CxGFcsjjEmBmt/RUswHwYDVR0jBBgwFoAUwD45b6V2a+CxGFcsjjEmBmt/RUswDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiEAz1QJQPaPYVqbV+W/pxJm1ZXyNK5hn/pBK1JXGIPXdX4CICgalg239zxKb2Fh+H5Q38/q7ZTsNlM61ScY2k3Gdl90"...
We will look into this, Desmond. We have also contacted OneSpan to get some of their Security Keys so we can test them in-house. Hopefully, we can figure out the issue from our server logs even before their Authenticators arrive. We'll get back to you as soon as we learn something. Thanks for testing it out with our demos and FIDO Server. On 2/25/25 6:29 PM, Desmond wrote: Hi Arshad, thanks for your quick reply. Below is the link of the product I tested. It is fido2 certified. OneSpan does have a...
Hi Arshad, thanks for your quick reply. Below is the link of the product I tested. It is fido2 certified. OneSpan does have a few models of Fido2 key. The one I tested is FX1 Bio. https://www.onespan.com/products/digipass-fx1-bio I attach the screenshot of the error code I got. When I inspected the developer console, I saw http 500 error. I tested the basicdemo portal below, username is 'soonde1' https://demo.strongkey.com/basicdemo/
Is it a FIDO Alliance certified Security Key, Desmond? Can you send a link to the product on their website? I'm not sure how many models they have. When you go into Developer mode on the browser and trace Network calls, what are you seeing when you try to register a credential with the Security Key? Also, which application on our website are you testing with, and what username did you use? We can look at the logs of our FIDO server and see if we can find anything. On 2/25/25 2:21 AM, Desmond wrote:...
Hi, I tested your demo website. Somehow it didn't support my Fido2 key. It is possible to add support to fido2 key from OneSpan? Look forward to your reply. -D Soon
Updating SourceForge SKFS to v4.15.1
Changed service credential consants to configs for non-default installations
