Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jonathan
Contributor

Dynamic ID with HTTPS not working

Hi,

Using R80.20

We use Dynamic ID in Mobile Access blade to sent OTP via SMS to our users.

I got the link from our SMS provider and it's working fine when using HTTP.

But when using HTTPS it's failing. User gets error "Dynamic ID Authentication Failed".

When I try it in a browser it's working fine with HTTPS.

When I try with CURL from the GW, I get a certificate error.

I got the current site certificate from the SMS provider and imported the intermediate certificate to the "Trusted CAs" tab under HTTPS Inspection. the root certificate was already there -  but it's still not working.

Only time I managed to get it working with CURL is when I used:

"curl_cli --cacert /opt/CPsuite-R80.20/fw1/database/ca_bundle.pem.tmp"

 

Should I rename the file and remove the .tmp? I don't know what are the consequences are.

 

Appreciate the help

 

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

Recommend engaging the TAC here.

0 Kudos
emmap
Employee
Employee

You may find that the solution in sk110779 will help here.

0 Kudos
Chris_Atkinson
Employee
Employee

Hi Jonathan, to confirm are you running...

 

R80.20 JHF T183 or higher per sk167177?

-or-

R80.20 JHF T203 or higher per sk170303?

0 Kudos
MartinTzvetanov
Collaborator

I had a similar case earlier this year. The gateway was R80.30 take 140 and after installing take 236 stopped DynamicID due to an OSCP. Per sk167177 T140 shouldn't work but 236 should work - well, in my case it was vice versa, no one could ever explain me why. After all I upgraded to R80.40 - it worked even with no hotfix installed, again no explanation. I'll advice you to run a debug and look for OCSP errors. If this is the case - plan to upgrade to a higher version, for me personally I don't find any helpful in Solution part of sk167177.

0 Kudos