NextGen Knowledge Center

Duo Troubleshooting

Make sure the server time is correct

If users are unable to log in, a common cause is that the server's time is out of sync. Since Duo uses secure timestamp-based signed requests, even a few minutes of time drift can cause second-factor authentication requests to fail. Duo recommends the use of NTP to ensure that the server's time is always kept in sync.

Security Warning

If your server is using a self-signed certificate, users may see the following upon logging in for the first time:

Security Warning for a connection that is untrusted because the certificate is not valid

To get rid of this warning, replace the server certificate with one signed by a Certificate Authority. Look at the Changing The Server Certificate section in the User Guide for Mirth® Connect by NextGen Healthcare for more information.

HTTP ERROR 405

After authenticating with Duo, if you receive an error page such as "HTTP ERROR 405", it may be due to a navigation issue inside the JavaFX web view. This can be caused by selecting links that take you to different pages. To resolve the issue, close the Duo Authentication window, which should bring you back to the logon window. Then try to log on again.

Temporarily Allow a Bypass User

If a user loses their device, you can temporarily enable them to bypass secondary authentication. Do this from the Users page in the Duo Admin Panel. More information in the Duo documentation: https://duo.com/docs/administration-users#generating-a-bypass-code.