2

I try to implement U2F into my web application. Since the application is available with more than one URL, I have to add a JSON file with valid FacetIDs as described in the spec. Yubico has a shorter summary of that spec on their website.

Unfortunatly, when I call the u2f.register(...) Method, I get the error code 2, which means that there is a problem with the AppID.

My AppID is the URL to the JSON file. As described in the spec, I add application/fido.trusted-apps+json as content type. Anyway, this URL is never called.

I'm using the newest Chrome (v46.0.2490.80m). As noted here the Chrome Extension is not necessary anymore.

Furthermore I found a closed Bug Report on the Chromium Project which tells me that U2F is implemented according to the Specs.

Instead of the Chrome Extension I'm using the u2f-api.js.

Is this u2f-api.js the problem? Is there a newer one?

This is my code so far:

var u2frequest =
[
    {
        "appId":"https://localhost:44300/api/u2f/appids.json",
        "challenge":"hDharTG-SROuScxyD7ACpMDp4xl6A91E9nUPXDRSo_4",
        "version":"U2F_V2"
    }
];
u2f.register(u2frequest, [], function (data) {
    // I always get data={errorCode:2} here.
}
Community
  • 1
  • 1
MichaelS
  • 3,809
  • 2
  • 26
  • 33

2 Answers2

2

Facets will not work with self signed certificates. So single identity application will work just fine on localhost, but multiple identifies will not work on localhost.

Best solution is to rent a VPS and get Letsencrypt certs.

Ackermann Yuriy
  • 537
  • 3
  • 10
1

I guess you have different origins in your appId json, the origin of facetID must be the same as AppID, for example: all facetID in https://example.com/app-id.json must have the same origin of https://*.example.com

so in your case your trustFaceID should all belong to https://localhost:44300

Qingbao
  • 46
  • 7