The time of the attestation certificate is not valid

yubikey

#1

Hello,

i have installed PI 2.22, set up LDAP on windows (working)
In the config, tokens, U2F, i have put in https://ip.address.of.pi.server
Then i enroll a new token, select U2F, select a user, put in a password.
When the yubikey is blinking, i touch the yubikey and get: The time of the attestation certificate is not valid.
can somebody help me with this?
i have tried multiple yubikeys

greetings,
Ben


#2

Hi Ben,

you can define a policy, if you have a token with a non valid attestation certificate:
https://privacyidea.readthedocs.io/en/latest/policies/enrollment.html#u2f-no-verify-certificate

Kind regards
Cornelius


#3

Hello Cornelius,

I am not familiar with privacyidea yet, so can you tell me where to change this parameter?

Kind regards,
Ben


#4

Hello Ben,
you need to define a policy.
At configuration -> policies you can define a policy in the scop “enrollment”.
(see the German screenshot)

Kind regards
Cornelius

Bildschirmfoto%20vom%202018-05-30%2023-08-38