HSM PSKC11 Errors CKR_TOKEN_NOT_PRESENT

quoc-axiadids · September 14, 2017, 9:10pm

Hello,

Webserver - nginx/uwsgi.

I’ve ran into a situation when running privacyidea with a HSM where I would fail the authentication (/validate/check) due to PKCS11 CKR_TOKEN_NOT_PRESENT consistently.

I am running uwsgi and in front I have nginx. When I restart uwsgi, I am able to authenticate once normally.

Could this be stale processes in uwsgi trying to communicate to the HSM?

cornelinux · September 15, 2017, 8:44pm

Looks like the connection to the HSM was lost.
The HSM module needs to reinitialize the HSM connection.
We need to try to catch the error.

Can you please open an issue on github and if possible provide an error log, preferrably with a traceback!

Thanks a lot
Cornelius