Problem with Pushtoken

hschmitz · November 19, 2020, 2:12pm

Hello to all,
I am trying to use privacyIdea with the privacyIDEA Authenticator APP.
If i test the Token in the GUI I get the Push on the App on the Phone.
But If i press Accept i get a Error in the APP:

HandshakeExeption : Handshake error in Client
(OS Error Certificate_Verfiy_Failed:Self signed Certificate(Handshake.cc:354))

I have no Idea what i have to do to solve this.

I would be very happy if someone could give me a tip.

German:

Hallo an alle,
Ich versuch gerade den privacyIDEA Server auf Ubuntu zu installieren.
Ich bin jetzt soweit das mein ActiveDirectory eingebunden ist, und ein Pushtoken erstellt werden kann.
Rollout auf Handy klappt auch.
Wenn ich in privacyIDEA den Push teste komme auch wunderbar die Nachricht aufs Handy.
Aber wenn ich jetzt in der App Akzeptieren drücke kommt:

HandshakeExeption : Handshake error in Client
(OS Error Certificate_Verfiy_Failed:Self signed Certificate(Handshake.cc:354))

Hab keine Ahnung wies jetzt weiter geht…

Ich währe sehr froh für einen kleinen Schups in die richte Richtung.

Vielen Dank im vorraus.

Helge Schmitz

cornelinux · November 20, 2020, 7:01am

Hello Helge,

thank you for using privacyIDEA.
It looks like phone does not trust the SSL Certificate of the privacyIDEA machine.
Please note, that with the push token your smartphone/token needs to communicate to the privacyIDEA server. I.e. it must reach the privacyIDEA server and it must trust the certificate.

What you have to do: Either issue a general trusted certificate to the privacyidea machine (which is a normal linux admin task and out of scope of this forum) or add the certificate of the privacyIDEA machine to the trusted CAs of the smartphone (which is also out of scope of privacyIDEA).

Regards
Cornelius

hschmitz · December 11, 2020, 2:43pm

Hello,
ahh Lets Encrypt is your friend…

Thank you

Helge