|
|
| Chapter 26 Logs Screens |
| Table 178 PKI Logs (continued) | ||
| LOG MESSAGE | DESCRIPTION | |
| Failed to decode the | The router received a corrupted user certificate from the LDAP server | |
| received user cert | whose address and port are recorded in the Source field. | |
| Failed to decode the | The router received a corrupted CRL (Certificate Revocation List) from | |
| received CRL | the LDAP server whose address and port are recorded in the Source | |
|
|
| field. |
| Failed to decode the | The router received a corrupted ARL (Authority Revocation List) from | |
| received ARL | the LDAP server whose address and port are recorded in the Source | |
|
|
| field. |
| Rcvd data <size> too | The router received directory data that was too large (the size is listed) | |
| large! Max size | from the LDAP server whose address and port are recorded in the | |
| allowed: <max size> | Source field. The maximum size of directory data that the router allows | |
|
|
| is also recorded. |
| Cert trusted: <subject | The router has verified the path of the certificate with the listed subject | |
| name> |
| name. |
| Due to <reason codes>, | Due to the reasons listed, the certificate with the listed subject name | |
| cert not trusted: | has not passed the path verification. The recorded reason codes are | |
| <subject name> | only approximate reasons for not trusting the certificate. Please see | |
|
|
| Table 179 on page 505 for the corresponding descriptions of the |
|
|
| codes. |
|
|
|
|
| Table 179 Certificate Path Verification Failure Reason Codes | ||
| CODE | DESCRIPTION |
|
| 1 | Algorithm mismatch between the certificate and the search constraints. | |
| 2 | Key usage mismatch between the certificate and the search constraints. | |
| 3 | Certificate was not valid in the time interval. | |
| 4 | (Not used) |
|
| 5 | Certificate is not valid. | |
| 6 | Certificate signature was not verified correctly. | |
| 7 | Certificate was revoked by a CRL. | |
| 8 | Certificate was not added to the cache. | |
| 9 | Certificate decoding failed. | |
| 10 | Certificate was not found (anywhere). | |
| 11 | Certificate chain looped (did not find trusted root). | |
| 12 | Certificate contains critical extension that was not handled. | |
| 13 | Certificate issuer was not valid (CA specific information missing). | |
| 14 | (Not used) |
|
| 15 | CRL is too old. |
|
| 16 | CRL is not valid. |
|
| 17 | CRL signature was not verified correctly. | |
| 18 | CRL was not found (anywhere). | |
| 19 | CRL was not added to the cache. | |
| 20 | CRL decoding failed. | |
| 21 | CRL is not currently valid, but in the future. | |
| 505 |
ZyWALL 2WG User’s Guide | |
|
|