ELS Messages for Certificate Management
- Level:
- CI-ERROR
- Short Syntax:
- CERT.001 can't get CA by alias ' aliasName
'
- Long Syntax:
- CERT.001 can't get CA by alias name ' aliasName
'
- Description:
- We have failed to get the distinguished name (DN) for the CA
specified by the aliasname.
- Level:
- CE-ERROR
- Short Syntax:
- CERT.002 unsupported cert type certType
from peerIPAddr
- Long Syntax:
- CERT.002 unsupported cert type certType
from peerIPAddr
- Description:
- We only support X.509 certificates.
- Level:
- CE-ERROR
- Short Syntax:
- CERT.003 CA specified by peerIPAddr
isn't supported
- Long Syntax:
- CERT.003 CA specified by peerIPAddr
isn't supported
- Description:
- The specified CA by the specified peer is not supported.
- Level:
- CE-ERROR
- Short Syntax:
- CERT.004 bad cert req payld len rcvPayLoadLen
, expctd expectedPayLoadLen
frm peerIPAddr
- Long Syntax:
- CERT.004 bad cert req payload len rcvPayLoadLen
, expected expectedPayLoadLen
from peerIPAddr
- Description:
- We've received a bad certificate request from the specified peer.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.005 failed to find certs by issuer ' issuerAliasName
', reason reason
- Long Syntax:
- CERT.005 failed to find certificates by issuer ' issuerAliasName
', reason reason
- Description:
- We could not find any certificates issued by the specified
CA alias while constructing a packet that includes our
certificate due to the specified reason.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.006 num of CAs exceeded the max maxCA
, ignore cert req frm peerAddr
- Long Syntax:
- CERT.006 num of CAs exceeded the max maxCA
, ignore cert req from peerAddr
- Description:
- Number of CAs have exceeded the memory allocated for them.
Hence, ignore the certificate request from the specified peer.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.007 faild to get cert from cache in func
, reason reason
- Long Syntax:
- CERT.007 failed to get certificate from cache in func
, reason reason
- Description:
- Failed to look up the certificate from the cache table for
the specified reason while doing the specified function.
TBD: how to print out the issuer?
- Level:
- CI-ERROR
- Short Syntax:
- CERT.008 faild to sign with priv key, reason ' reason
'
- Long Syntax:
- CERT.008 failed to sign with private key due to ' reason
'
- Description:
- We have failed to sign the data with our private key for
the specified reason.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.009 faild to insert root_cert/other_cert/my_cert/crl
aliasname
into cache due to ' reason
'
- Long Syntax:
- CERT.009 failed to insert root_cert/other_cert/my_cert/crl
aliasname
into cache due to ' reason
'
- Description:
- We have failed to insert the root/our/other certificate or CRL
into the cache table due to the specified reason.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.010 faild to alloc mem for root/local
cert cert_name
len cert_len
- Long Syntax:
- CERT.010 failed to allocate memory for root/local
certificate cert_name
length cert_len
- Description:
- We tried to allocate memory for a certificate during router
initialization but failed. This shouldn't happen. Message will
indicate if this was a Root CA or Local end entity certificate.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.011 faild to alloc mem for CRL ' CRLname
' len CRL_len
- Long Syntax:
- CERT.011 failed to allocate memory for CRL ' CRLname
' length CRL_len
- Description:
- We tried to allocate memory for a CRL during router
initialization or CRL retrieval but failed. This shouldn't happen.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.012 Err occrd retrvng CRL sts = error_status
- Long Syntax:
- CERT.012 Error occurred retrieving CRL - status = error_status
- Description:
- An error occurred while retrieving the CRL.
- Level:
- C-INFO
- Short Syntax:
- CERT.013 Sccssfly rtvd cert_crl
' cert_crl_name
'
- Long Syntax:
- CERT.013 Successfully retrieved cert_crl
' cert_crl_name
'
- Description:
- The certificate or CRL was successfully retrieved from IBD into
the certificate management database.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.014 Fld to open cert_crl
' cert_crl_name
' file cert_crl_filename
sts status
- Long Syntax:
- CERT.014 Failed to open cert_crl
' cert_crl_name
' file cert_crl_filename
status status
- Description:
- The certificate or CRL file in IBD could not be opened. This
could be of the user specifying the wrong filename
- Level:
- CI-ERROR
- Short Syntax:
- CERT.015 File cert_crl_filename
too lrg - rtv abrtd
- Long Syntax:
- CERT.015 File cert_crl_filename
is too large - retrieve aborted.
- Description:
- The certificate or CRL file in IBD was too large to be retrieved.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.016 cert err in lib: lib
, func: func
, reason: reason
- Long Syntax:
- CERT.016 cert error in library: lib
, function: func
, reason: reason
- Description:
- An error has occured while processing the certificate in the
specified function for the specified reason.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.017 Mem alloc fld sz memory_size
- Long Syntax:
- CERT.017 Memory allocation failed for size memory_size
- Description:
- A memory allocation for the indicated size failed.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.018 Unable to extrct X509 Cert frm rtvd fl
- Long Syntax:
- CERT.018 Unable to extract X509 Certificate from retrieved file
- Description:
- An attempt to extract the X509 Certificate from the retrieved
file failed.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.019 Unable to extrct X509 public key frm rtvd cert
- Long Syntax:
- CERT.019 Unable to extract X509 public from retrieved certificate
- Description:
- An attempt to extract the X509 Public key from the retrieved
certificate failed.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.020 Key types dnt mtch. Rtrv abrtd. Exp: expected_key_type
Got: got_key_type
- Long Syntax:
- CERT.020 Key types don't match. Retrieve aborted. Expected: expected_key_type
Got: got_key_type
- Description:
- The key type generated for the certificate request is different than
the key type of the retrieved certificate. This is an indication that
the user is retrieving the wrong certificate. The certificate the
user is retrieving was not generated from the specified certificate
request.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.021 Key lens dnt mtch. Rtrv abrtd. Exp: expected_key_type
Got: got_key_type
- Long Syntax:
- CERT.021 Key Lengths don't match. Retrieve aborted. Expected: expected_key_type
Got: got_key_type
- Description:
- The key length of the public key in the retrieve certificate is
different than the key length expected. This is an indication that
the user is retrieving the wrong certificate. The certificate the
user is retrieving was not generated from the specified certificate
request.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.022 Public Keys dnt mtch. Rtrv abrtd.
- Long Syntax:
- CERT.022 Public Keys don't match. Retrieve aborted.
- Description:
- The public key in the retrieve certificate is different than the
public key length expected. This is an indication that
the user is retrieving the wrong certificate. The certificate the
user is retrieving was not generated from the specified certificate
request.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.023 Keys nt fnd for ' alias_name
'. Rsn: reason
- Long Syntax:
- CERT.023 Keys not found for ' alias_name
'. Reason reason
- Description:
- An attempt to find the saved public/private key for the specified
alias name failed for the reasons given.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.024 faild to alloc mem for KEYS for cert ' CERTname
' len KEYS_len
- Long Syntax:
- CERT.024 failed to allocate memory for KEYS for cert ' CERTname
' length KEYS_len
- Description:
- We tried to allocate memory for a KEYS structure for the mentioned
certificate during router but failed. This shouldn't happen.
- Level:
- ALWAYS
- Short Syntax:
- CERT.025 CRL nds to be rtrvd for dfnd CRL ' CRLname
'
- Long Syntax:
- CERT.025 CRL needs to be retrieved for defined CRL ' CRLname
'
- Description:
- A CRL has been added by the CRL file itself has not been retrieved
from the IBD.
- Level:
- ALWAYS
- Short Syntax:
- CERT.026 CRL ' CRLname
' has expired.
- Long Syntax:
- CERT.026 CRL ' CRLname
' has expired.
- Description:
- A CRL specified has expired. A new one MUST be retrieved in order to
guarantee the integrity of the Certificate Management subsystem.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.027 Cert SN: peer_cert_serial_number
has been revoked by CRL crl_name
- Long Syntax:
- CERT.027 Certificate Serial Number peer_cert_serial_number
has been revoked by CRL crl_name
- Description:
- A locally retrieved Certificate Revocation List (CRL) contains the
serial number of the remote peer's certificate, indicating that the
remote peer's certificate has been revoked.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.028 fld to match rcvd ID against cert subAltName for peerIPAddr
, rsn ' reason
'
- Long Syntax:
- CERT.028 failed to match received ID against cert subAltName for peerIPAddr
, reason ' reason
'
- Description:
- IKE has failed to match the received ID against the subjectAltName
in the specified peer certificate. This may result in IKE phase1
negotiation failure.
- Level:
- CI-ERROR
- Short Syntax:
- CERT.029 error found in remote peer's certificate chain: reason
- Long Syntax:
- CERT.029 error found in remote peer's certificate chain: reason
- Description:
- While processing the remote peer's certificate chain
an error was found. Typcially, this will be that a certificate
in the chain has either expired or been revoked.