Attempting to generate One Time Password for certificate-based VPN connection results in an HTTP Status 500 error.

This issue is identified as a bug (230545). Blue Coat plans to resolve this issue (current expected in service update 6.8.5.1). Continue to check the release notes for this resolution.

Workaround

Generate the One Time Password by appending an IP parameter to the URL request. For example: &ip=8.8.8.8.
Consider the following sample URL.

http://portal.threatpulse.com:8080/api/locations?name=Store10&type=cert-firewall&ip=8.8.8.8 

Changes the location name (Store10). The IP can be any address because it will be ignored.