Unable to enable U2F auth with Yubikey (400 Bad Request) #2083

New Issue

Closed

opened 2025-10-09 17:44:54 +03:00 by OVERLORD · 1 comment

OVERLORD commented 2025-10-09 17:44:54 +03:00

Owner

Copy Link

Originally created by @Slychocobo on GitHub.

Trying to add U2F to an account, while browser reads the Security key, the process fails when attempting to save with "U2F Error"

Running latest docker-build of Bitwarden_rs.
Site is behind a nginx proxy (using proxy config provided in wiki)

Javascript console reports
zone.js:1152 PUT https://redacted.fqdn/api/two-factor/u2f 400 (Bad Request)

Server reports
[2019-07-07 19:09:52][bitwarden_rs::error][ERROR] U2fError.
,[2019-07-07 19:09:52][_][INFO] Matched: PUT /api/two-factor/u2f (activate_u2f_put)
,[2019-07-07 19:09:52][rocket::rocket][INFO] PUT /api/two-factor/u2f application/json; charset=utf-8:
,[CAUSE] NotTrustedAnchor

Checked app-id.json and it is reporting the correct URL/port

Originally created by @Slychocobo on GitHub. Trying to add U2F to an account, while browser reads the Security key, the process fails when attempting to save with "U2F Error" Running latest docker-build of Bitwarden_rs. Site is behind a nginx proxy (using proxy config provided in wiki) Javascript console reports zone.js:1152 PUT https://redacted.fqdn/api/two-factor/u2f 400 (Bad Request) Server reports [2019-07-07 19:09:52][bitwarden_rs::error][ERROR] U2fError. ,[2019-07-07 19:09:52][_][INFO] Matched: PUT /api/two-factor/u2f (activate_u2f_put) ,[2019-07-07 19:09:52][rocket::rocket][INFO] PUT /api/two-factor/u2f application/json; charset=utf-8: ,[CAUSE] NotTrustedAnchor Checked app-id.json and it is reporting the correct URL/port

OVERLORD closed this issue 2025-10-09 17:44:55 +03:00

OVERLORD commented 2025-10-09 17:44:56 +03:00

Author

Owner

Copy Link

@dani-garcia commented on GitHub:

This is probably the same error as #272 or #105, which means there's not much we can do at the moment. Some keys don't have the SubjectAltName field, (which isn't required for a U2F cert, so some keys don't have them) while the library used for reading them does expect the field to be there. Until those issues are fixed or another library appears there's nothing I can do.

@dani-garcia commented on GitHub: This is probably the same error as #272 or #105, which means there's not much we can do at the moment. Some keys don't have the SubjectAltName field, (which isn't required for a U2F cert, so some keys don't have them) while the library used for reading them does expect the field to be there. Until those issues are fixed or another library appears there's nothing I can do.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

test_dylint

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

better for forum

bug

bug

bug

documentation

duplicate

enhancement

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

SSO

Third party

troubleshooting

troubleshooting

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#2083