Hi Cornelinux
Scenario that works for me: I chose a user in PI, clicked Add token, and chose Registration. An e-mail is sent to the user. The user logs in to the PI webpage, sets up a PIN and captures the QR. Then he is able to log in to the VPN with PIN+TOTP. If I open his token, I can test the token successfully (PIN+TOTP or even only TOTP).
Scenario that does not work for me: I have this CSV file
'# version: 2
john,dc1,company_local,john,XTYMIJ73G4PVLKE6,TOTP
I imported it into PI. I can see that the token was attached to the existing user John. So far, nice!
If I test the TOTP only, I get the following error - “500 Internal Server Error: The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.”
My user John also has a PIN registered on pfSense. I opened John’s token, filled in his PIN twice and clicked on the Setup PIN button.
If I test PIN+TOTP, I again get the error 500 Internal Server Error.
This is what I see in the log (shorter version):
File "/opt/privacyidea/lib/python3.9/site-packages/privacyidea/lib/tokens/HMAC.py", line 82, in hmac
dig = self.secretObj.hmac_digest(data_input, self.hashfunc)
File "/opt/privacyidea/lib/python3.9/site-packages/privacyidea/lib/crypto.py", line 115, in hmac_digest
self._setupKey_()
File "/opt/privacyidea/lib/python3.9/site-packages/privacyidea/lib/crypto.py", line 138, in _setupKey_
self.bkey = binascii.unhexlify(akey)
binascii.Error: Non-hexadecimal digit found
Which config shall I send you?
Am I guessing correctly that the problem is in the pfSense secret?
Thanks, Aldomoro
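
Added example, not part of the original post and not privacyIDEA code: a pre-import check that runs the same `binascii.unhexlify` call shown in the traceback over the seed column of such a CSV and, when a seed is not hex but decodes as Base32, prints the hex form. The column layout (user,resolver,realm,serial,seed,type) is assumed from the sample row in the post, and the sample rows below are constructed (the RFC 6238 test seed).

```python
import base64
import binascii
import csv
import io

# Seed column index, assumed from the row layout shown in the post:
# user,resolver,realm,serial,seed,type
SEED_COL = 4

# Constructed sample input (RFC 6238 test seed, once as Base32, once as hex).
SAMPLE = """# version: 2
alice,dc1,example_realm,tok_b32,GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ,TOTP
bob,dc1,example_realm,tok_hex,3132333435363738393031323334353637383930,TOTP
"""

def check_seed(seed):
    """Return (ok, hex_seed); ok is True only if the seed is already hex."""
    if not seed:
        return False, None
    try:
        binascii.unhexlify(seed)  # the call that raises in the traceback
        return True, seed.lower()
    except (binascii.Error, ValueError):
        pass
    try:
        # Base32 secrets are often written without '=' padding; restore it.
        padded = seed.upper() + "=" * (-len(seed) % 8)
        return False, base64.b32decode(padded).hex()
    except (binascii.Error, ValueError):
        return False, None  # neither hex nor Base32

def audit(csv_text):
    """Return (line_no, serial, ok, suggested_hex) for every token row."""
    results = []
    for n, row in enumerate(csv.reader(io.StringIO(csv_text)), start=1):
        if not row or row[0].lstrip().startswith("#") or len(row) <= SEED_COL:
            continue  # skip the version header, comments and short rows
        ok, hex_seed = check_seed(row[SEED_COL].strip())
        results.append((n, row[SEED_COL - 1].strip(), ok, hex_seed))
    return results

if __name__ == "__main__":
    for line_no, serial, ok, hex_seed in audit(SAMPLE):
        state = "hex, ok" if ok else f"not hex, Base32 decodes to {hex_seed}"
        print(f"line {line_no} serial {serial}: {state}")
```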