StrongKey FIDO Server (SKFS) Files

How to test two AAL-3 passwordless authentication protocols in one web application
----------------------------------------------------------------------------------

Try accessing any of the TLS ClientAuth + FIDO Demos at https://demo.strongkey.com.  You will not be able to see either website without doing the following:

First, get yourself a FIDO2 Security Key - Level-2 or above. If it supports X.509 digital certificates too, all the better - we have tested two of them (https://docs.strongkey.com/index.php/skfs-v3/mfa-implementations), but there are others too - check the FIDO Alliance Certified Security Keys web page for the list. Follow the manufacturer's instructions to set a PIN (or biometric if supported) on the Security Key before using the demo. Then do the following:

1. Download the "Good" P12 file to your PC
2. Using Firefox (or any modern browser), import the P12 file (password: 12345678)
3. Now, select the Discoverable web application - you should now see the web page
4. Plug in your Security Key into a USB port
5. Supply any random username and create new FIDO credentials on your Security Key
6. Login with your "Good" certificate + FIDO2 Security Key without passwords

To learn more about encrypting files and securing them on the network, contact StrongKey. If you need help with the demo, post a question on the SourceForge forum.

If you want to test if the "Bad" user will be denied access even though the digital certificate appears to be valid, you can import it (same password as the Good user) and try it out.

Thanks for checking it out.