hwo to let the yubiserve support https ?

lafikl / yubico-yubiserve

Automatically exported from code.google.com/p/yubico-yubiserve

GNU General Public License v3.0

1 stars 0 forks source link

hwo to let the yubiserve support https ? #2

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

I wan't use the yubiserve in production . so I want to know that how to let the 
yubiserve support https ?

Original issue reported on code.google.com by huangmingyou on 13 Dec 2010 at 3:11

GoogleCodeExporter commented 9 years ago

Actually https is not available. The only way to support the https is to use 
the apache reverse proxy and configure it to use a custom certificate.
Anyway this feature will be implemented in version 3.0, but there isn't yet a 
release date, so in the meantime you could use the server signature (you can 
use it with your own api key), already implemented, or if you really need the 
https, you can use the reverse proxy.

Original comment by b1ga...@gmail.com on 13 Dec 2010 at 3:25

Changed state: Accepted
Added labels: Type-Enhancement
Removed labels: Type-Defect

GoogleCodeExporter commented 9 years ago

HTTPS support has been implemented into version 2.9. You can find it using svn.
The version 3.0 will be available as soon as the MySQL support will be added 
and will be added to the downloads.

Original comment by b1ga...@gmail.com on 13 Dec 2010 at 10:43

Changed state: Started

GoogleCodeExporter commented 9 years ago

Version 3.0 released. MySQL support has been added, HTTPS support already added 
in version 2.9. You can find the new release both via svn, or via downloads 
link.

Original comment by b1ga...@gmail.com on 14 Dec 2010 at 10:43

GoogleCodeExporter commented 9 years ago

Original comment by b1ga...@gmail.com on 14 Dec 2010 at 10:43

Changed state: Verified

GoogleCodeExporter commented 9 years ago

ooh, very good!

Original comment by huangmingyou on 14 Dec 2010 at 1:17

GoogleCodeExporter commented 9 years ago

hi

         when I program my yubikey with oath-hotp . and verify with
yubico-yubiserve . can't verify it .

thereis my yubikey output.

rcje9u30rnr890599520
rcje9u30rnr805891323
rcje9u30rnr826267337
rcje9u30rnr894677877

so, I think publicid is rcje9u30rnr8.
 and this is the dbconf.py output.

 1 keys into database:
[Nickname] >> [PublicID]
 hmy                    >> rcje9u30rnr8

and I think aes key is right.  the yubico configure utility generate aes key
is ' 01 c3 8e 19 32 64 2e 7c 14 c6 29 59 0c 5a af 20 5b 00 4c 14'
when I use the dbconf.py -ha , I use the aes key
is' 01c38e1932642e7c14c629590c5aaf205b004c14'

I start up the yubiserve.py . and use  curl
http://127.0.0.1:8000/wsapi/2.0/oathverify?otp=rcje9u30rnr862234503  verify
it. get error like this:

otp=rcje9u30rnr862234503
status=BAD_OTP
t=2011-01-05T11:20:43

please help me!

Original comment by huangmingyou on 5 Jan 2011 at 3:21

GoogleCodeExporter commented 9 years ago

hi

          I found use the mysql database is ok, but I need set the active=1
; becuse when add new key, active=0.  but sqllite can't work. even I use the
dbconf.py -he id

Original comment by huangmingyou on 5 Jan 2011 at 6:03