(Windows) Failed Revocation Check
A Certificate Revocation (CRL) is a list of revoked public key certificates created and digitally signed by a Certificate Authority (CA).
HYPR Passwordless can fail on Windows for either user registration or Windows login. During login to Windows, a user might experience “The user name or password is incorrect.” The HYPR Unlock log file will exhibit the following:
Payload: {
"authorizationCode": 403,
"message": "Authorization was rejected status=0xC000006D",
"sessionId": "some\_session\_id",
"version": 2
}
Response: {
"status": {
"responseCode": 403,
"responseMessage": "Authorization was rejected status=0xC000006D"
}
}
Windows will attempt by default to validate the revocation status of the X.509 certificate. If the CRL is invalid, unreachable, or otherwise results in an error, then the resulting authentication attempt will also fail.