Voice and SMS 2FA Fails After Migration of web.config File from Another Server

    Applies to:
  • Legacy SecureAuth IdP
Deployment model:
  • On Premises
  • Description: Voice and SMS 2FA Fails in the new server, even though the server from which the web.config file was copied from works just fine.

    Cause: The certificate referenced by the web.config in the target server does not exist, or it has not been imported over.


    1. Export the certificate whose serial number is referenced in the "Client Cert Serial Nbr" field in the Sys Info tab of the Web Admin GUI with the Private Key.

    2. Import this certificate into the cert store of the target server, making sure that the Private Key is exportable.

    3. Grant Network Service access to the Private Key of this newly-imported certificate.

    • Launch the Certificates Console, and highlight the imported certificate
    • Right-click on this certificate and select "All Tasks -> Manage Private Keys..."
    • In the new window that opens, Click on the "Add" button.
    • In the new window that opens, Type in "Network Service", then click on the "Check Names" button
    • Click OK to bring you back to the previous window.
    • Select Network Service, and uncheck the checkbox next to Full Control in the Allow column, leaving Read checkbox checked.
    • Click OK


    This should resolve the issue.




    0 out of 0 found this helpful



    Please sign in to leave a comment.