Issue: When a user initiates authentication using the Smartphone method, push message does not appear on the smartphone screen. However, when the user launches the NetIQ Advanced Authentication application manually, the authentication request appears and the user is able to authenticate.
Reason: This issue occurs due to the following reasons:
Your firewall lacks connectivity to proxy.authasas.com by HTTPS.
Temporary problems with Apple/ Google push services.
You have a traffic inspector or another third-party software that re-signs certificates.
Solution 1: Perform the following steps for respective reasons:
Check the firewall settings. See Configuring Firewall.
Contact support.
Upload a root certificate to the AAF trusted store:
Copy certificate to Advanced Authentication server.
Copy certificate to aaf_aucore_1 container:
docker cp <certificatefile> aaf_aucore_1:/etc/pki/trust/anchors/
Update certificate using the following command:
docker exec -it aaf_aucore_1 /bin/bash -c "update-ca-certificates; ln -s /var/lib/ca-certificates/ca-bundle.pem /var/lib/ca-certificates/pem/ca-certificates.crt"
Solution 2: From Advanced Authentication 6.3.3, docker containers OS is changed from Debin to Suse. Perform the following steps to resolve the issue:
Copy certificate to aaf_aucore_1 container:
docker cp <certificatefile in PEM> aaf_aucore_1:/etc/pki/trust/anchors/
Update the certificate
docker exec -it aaf_aucore_1 /bin/bash -c \"update-ca-certificates; ln -s /var/lib/ca- certificates/ca-bundle.pem /var/lib/ca-certificates/pem/ca-certificates.crt\”