I am a developer, writing and supporting U2F authentication and I have an old U2F Ntirokey.
When registering using the U2F registration process, the provided attestation certificate’s issuer DN is:
CN=Plug-up FIDO Internal Attestation CA #1
Where can I get the attestation CA certificate from to add to my U2F server attestation whitelist?
Plug-Up doesn’t exist anymore and therefore I don’t think the CA does exist either. That is all we could help in this regard.
Background: This topic is about an old device which we stopped selling in ca. 2016.
In case you are asking for the attestation cert sent by the device, it is this one:
-----BEGIN CERTIFICATE-----
MIIBqjCCAVGgAwIBAgIJAP5W/nrh/xgOMAoGCCqGSM49BAMCMDIxMDAuBgNVBAMM
J1BsdWctdXAgRklETyBJbnRlcm5hbCBBdHRlc3RhdGlvbiBDQSAjMTAeFw0xNDEw
MDMwODA2NDhaFw0zNDEwMDMwODA2NDhaMEAxPjA8BgNVBAMMNVBsdWctdXAgRklE
TyBQcm9kdWN0aW9uIEF0dGVzdGF0aW9uICNmZTU2ZmU3YWUxZmYxODBlMFkwEwYH
KoZIzj0CAQYIKoZIzj0DAQcDQgAEdeoGYOKQY3SENwAAr6oyJT6Ce9hIdJOmhqVo
TGXKzgmL6L9LhyU975a5QCMBBvxGBh99ZUbBbxSyWr8wGdj0J6NCMEAwHQYDVR0O
BBYEFHYrRG/ylO0yKuQpCU+phNiFPjWAMB8GA1UdIwQYMBaAFM+nRPKhYlDwOemS
hePaUOd9sDqoMAoGCCqGSM49BAMCA0cAMEQCIGtf6n/dzmWEOyXWpvyKTbc7gLHm
RC6rBnepPj25NR8iAiBZW4IyeSHCj60gYrkq6gfEN6VNRqYsi+bu+2lbirFEFg==
-----END CERTIFICATE-----