Your browser does not support HTML5 local storage or you have disabled it. Some functionality on this site, including saving your privacy settings and offering you special discounts, uses local storage and may not work with local storage disabled. We recommend allowing the use of local storage in your browser. In some browsers, it is the same setting used for disabling cookies.

PreviousNextUp[Front page] [Index]

Engine Generic Messages

This section lists all syslog messages reported by the Certifier Engine. The messages are divided into groups by their severity.

Engine Messages at Level LOG_CRITICAL

  • EK device keypath keypath, label label is blocked. Current operation is cancelled...

    EK device keypath keypath, label label is blocked. Current operation is cancelled. IMMEDIATE OPERATOR INTERVENTION IS REQUIRED.

    The nFast hardware device is not running.

Engine Messages at Level LOG_ERROR

  • Unable to initialize the Certifier engine, exiting.

  • Failed to start engine.

  • Engine at IP address startup failure: reason for system error.

    reason for system error stands for operating system error message.

  • Engine at IP address startup failure.

  • ca-engine section not found in configuration file.

    Configuration file problem.

  • CA entry point information missing from the configuration data.

    Configuration file problem.

  • CA engine service address missing from the configuration data.

    Configuration file problem.

  • Engine: TLS init failed.

    Configuration problem.

  • ssh-ca-engine: Failed to daemonize: reason for system error.

    Engine failed to run in the background.

  • Cannot reconnect to database.

  • Restart engine failed.

  • Engine terminating upon receipt of kill request.

  • Server 'server name' connection from IP address:IP port (serial:CaCom cert serial number) dropped...

    Server 'server name' connection from IP address:IP port (serial:CaCom cert serial number) dropped: already connected from IP address:port.

    Two servers tried to connect and authenticate with the same private key/certificate.

  • Unable to determine default entry point.

    Configuration file problem.

  • Server at IP address:port: connection timeout.

    Communication problem.

  • Server at IP address:port disconnected.

  • Unspecified communication error.

  • Entity status update failed.

  • Canceling CRL distribution for id #distribution point ID.

  • Publish failed for CRL #distribution point ID of CA CA ID.

  • RA: failed to fetch RA infomation.

  • RA: Error in incoming CMP message.

  • Failed to fetch engine parameters from database.

  • Add request failed: Policy error on request.

  • Add request failed: failed to update pre-shared key usage count for pre-shared key key id #PSK ID.

  • Request update failed: no request #request ID in database.

  • Request update failed: cannot update request #request ID with status new status.

  • Request update failed: request #request ID update denied by CA #CA ID policy.

  • Request update failed: request #request ID update failed.

  • Entity update failed: Can't update nonexisting entity #entity ID.

  • CA update failed: can't update nonexisting CA #CA ID.

  • CA update failed: Only CA certificates can be bound to CAs.

  • CA update failed: Failed to get data from new CA certificate.

  • CRL distibution point update failed, can't get CA id for CRL distribution point #distribution point ID.

  • Operator update failed: can't update nonexisting operator #operator ID.

  • Failed to update operator #operator ID: certificate #certificate ID already marked with special type.

  • Operator update failed: failed to bind certificate #certificate ID to operator #operator ID.

  • Operator #operator ID update failed.

  • Shared secret update failed: Can't get entity id from shared secret #PSK ID.

  • Shared secret update failed: error in psk uniqueness check.

    Two entities cannot have the same string as as their pre-shared keys.

  • Shared secret update failed: key id #PSK ID is not unique, already in use by entity #entity ID.

  • Shared secret update failed: failed to update shared-secret #PSK ID.

  • Add CA failed: No CA certificate.

  • Add CA failed: Certificate must be a CA certificate.

  • Add CA failed: Certificate must have private key in database.

  • Add CA failed: Failed to update certificate type to CA certificate.

  • Add CA failed: ssh_sql_insert failed.

  • Add CA failed: Automatic distribution point generation failed.

  • Add entity failed.

  • Add pre-shared key failed: deletion from database failed.

  • Add pre-shared key failed: failed to update next key id.

  • Add server failed.

  • Add server failed: failed to set certificate type.

  • Issue certificate failed: failed to get external private key for issuer.

  • Issue certificate failed: no master password.

  • Issue certificate failed: cannot find the issuer #CA ID.

  • Issue certificate failed: issuer #CA ID does not have a certificate.

  • Issue certificate failed: issuer #CA ID does not have a private key.

  • Issue certificate failed: can't create certificate.

  • Issue certificate failed: can't insert certificate.

  • External key generation failed.

  • Make certificate failed: request rejected in CA #CA ID policy.

  • module module name.

  • Make certificate failed: request rejected in CA #CA ID policy.

  • Fetch private key failed: no private key for certificate #certificate ID.

  • Decrypt master secret failed: Password is incorrect.

  • Decrypt master secret failed: Password is not set.

  • Generate master password failed: failed to encrypt master password.

  • Change master password failed: password is incorrect.

  • Delete (Entity|Server|RA Entity|Operator) failed: failed to fetch certificates.

  • Delete (Entity|Server|RA Entity|Operator) failed: failed to revoke certificate #certificate ID.

  • Delete (Entity|Server|RA Entity|Operator) failed: failed to delete shared secrets of entity #entity ID.

  • Delete CA failed: failed to update certificates.

  • Delete CA failed: failed to delete crls.

  • Delete CA failed: failed to delete crl distribution points.

  • Enroll: failed to create certificate response.

  • Failed to enable external key provider provider name.

    nFast problem.

  • EK authentication code wrong for keypath keypath, label label. To avoid blocking the device...

    EK authentication code wrong for keypath keypath, label label. To avoid blocking the device operation is cancelled. Re-enter system master password.

    nFast problem.

  • Can not read token with needed/total parameters.

    nFast problem.

  • Currently supports only 1/N.

    nFast problem.

  • Failed to initialize token read.

    nFast problem.

  • Could not read the share.

    nFast problem.

  • Failed to read token.

    nFast problem.

  • Failed to create RSA key, size size.

    nFast problem.

  • Could not get the private key blob from private key.

    nFast problem.

  • Format in progress, wrong provider id.

    nFast problem.

  • Failed to get scard info.

    nFast problem.

  • Can not format the card.

    nFast problem.

  • Token creation failed.

    nFast problem.

  • Failed to write share share number.

    nFast problem.

  • Hardware token status query failed: unknown provider type 'provider type'.

    nFast problem.

  • Operation requested for unknown CA.

    CMP protocol problem.

  • Certificate already revoked, expired, or held.

    CMP protocol problem.

  • Unknown Certificate; can not revoke.

    CMP protocol problem.

  • Can not handle multiple revocations in single nested message.

    CMP protocol problem.

  • Can not parse CertTemplate from request.

    CMP protocol problem.

  • Unknown Certificate; can not revoke.

    CMP protocol problem.

  • Private key to backup could not be decoded.

    CMP protocol problem.

  • Transaction ID already in use.

    CMP protocol problem.

  • Only one request in CMP envelope supported.

    CMP protocol problem.

  • CRMF template could not be decoded.

    CMP protocol problem.

  • CRMF template verification failed.

    CMP protocol problem.

  • CRMF did not contain oldCertId control.

    CMP protocol problem.

  • CRMF oldCertId not matched against cert.

    CMP protocol problem.

  • Message for unknown transaction.

    CMP protocol problem.

  • Message from non-RA entity.

    CMP protocol problem.

  • Empty nested messages not processed.

    CMP protocol problem.

  • CMP header protection check failed.

    CMP protocol problem.

  • Can't decode recipient name from the request.

    CMP protocol problem.

  • Can't find the request recipient recipient name from local CA's.

    CMP protocol problem.

  • Error encrypting POPOPrivKey/encrCert.

    CMP protocol problem.

  • Error encrypting CMP encryptedCert.

    CMP protocol problem.

  • The error 'error text' received while publishing to #server ID:service ID.

    Error in LDAP publishing. Logged at LOG_ERROR if the publishing method in question is configured as mandatory.

  • External enroll failed: can't handle nested messages in external enroll.

  • External enroll failed: Received CMP error message.

  • External enroll failed: can handle only one response per message.

  • External enroll failed: failed to decode response certificate.

  • External enroll failed: failed to add certificate to database.

  • External enroll failed: failed to update request #request ID status to accepted certificate #certificate ID.

  • External enroll failed: enrollment rejected, message: reason for rejection.

  • External enroll failed: failed to update rejected request status for request #request ID.

  • External enroll failed: unexpected status code status code, failure failure code, given reason reason.

  • External enroll failed: received unhandled message type message type as integer.

  • External enroll failed: Failed to parse CMP message received from external CA.

  • External enroll failed: CA connection type or path missing.

  • External enroll failed: can't connect to enrollment client service #service ID as integer in server #server ID.

  • External enroll failed: external key generation failed.

  • External enroll failed: Failed to fetch request #request ID.

  • External enroll failed: failed to unaslify request.

  • External enroll failed: Can't convert request to certificate template.

  • External enroll failed: failed to get private key from request.

  • RA message generation failed.

  • External enroll failed: failed to send certificate request.

Engine Messages at Level LOG_WARNING

  • CMP: original message has no sender-kid while generating error response.

Engine Messages at Level LOG_NOTICE

  • Engine starting at TCP URL.

  • Engine started.

  • Engine at TCP URL stopped.

  • Server 'server name' connection from host:port.

  • Engine restarted by operator #operator ID.

  • Terminating upon receipt of a signal.

    Normal shutdown of engine. Typically caused by system shutdown or by running the ssh-ca-stop script manually.

  • The error 'error text' received while publishing to #server ID:service ID.

    Error in LDAP publishing. Logged at LOG_NOTICE if the publishing method in question is configured as optional.

  • Hardware token of type nfast formatted by operator #operator ID.

  • Hardware token format failed.

  • Invalid message received from IP address:IP port.

  • Unknown message type received from IP address:IP port.

  • Empty message received from IP address:IP port.

  • Unauthenticated server connection from IP address:IP port.

  • Server connection from IP address:IP port (serial:CaCom cert serial number) dropped...

    Server connection from IP address:IP port (serial:CaCom cert serial number) dropped: already connected from IP address:IP port.

  • Private key for certificate #certificate ID fetched by operator #operator ID.

  • Master password generated by operator #operator ID.

  • Master password changed by operator #operator ID.

  • Change master password failed: Password is not set.

  • CA #CA ID was permanently removed by operator #operator ID.

  • ENROLL-CMP: Signature protection check failed. The signature is not valid.

  • CMP: unknown PSK protection received.

  • CMP: can't decode request.

Engine Messages at Level LOG_INFO

  • Heartbeat increasing heartbeat number.

  • Server at IP address:IP port connected.

  • Request #request ID from (SCEP|CMP|Web) processed by operator #operator ID: new request status.

  • Operator #operator ID changing (request|certificate|entity) #object ID status to new status.

  • Server #server ID restarted by operator #operator ID.

  • Server 'server name' reconnection from IP address:IP port.

  • CRL #distribution point ID of CA #CA ID published succesfully.

  • RA: request #request ID approved by operator #operator ID.

  • RA: Request granted by CA #RA ID, message: text reason.

  • RA: Request rejected by CA #RA ID, message: text reason.

  • Distribution point #distribution point ID added by operator #operator ID.

  • Certificate #certificate ID added to entity #entity ID by operator #operator ID.

  • Certificate #certificate ID added by operator #operator ID.

  • Add request failed: Request dropped by policy.

  • Request #request ID added by operator #operator ID.

  • Entity #entity ID updated by operator #operator ID.

  • CA #CA ID certificate changed to #certificate ID by operator #operator id.

  • CA #CA ID updated by operator #operator ID.

  • Operator #operator ID updated by operator #operator ID.

  • Shared secret #PSK ID updated by operator #operator ID.

  • CA #CA ID was created by operator #operator ID.

  • Entity #entity ID added by operator #operator ID.

  • Pre-shared key #PSK ID deleted by operator #operator ID.

  • Pre-shared key #PSK ID added by operator #operator ID.

  • Operator #operator ID added by operator #operator ID.

  • RA entity #RA ID added by operator #operator ID.

  • Server #server ID added by operator #operator ID.

  • Request #request ID accepted by operator #operator ID, certificate #certificate ID created.

  • System parameters updated by operator #operator ID.

  • Master secret decrypted by operator #operator ID.

  • (Entity|Server|RA Entity|Operator) #ID deleted by operator #operator ID.

  • Service reply was rejected by policy.

  • The service input was rejected by the policy.

  • EK master password needed to decrypt PIN code for keypath keypath label label.

  • External key device label (removed|inserted).

  • External key provider provider name enabled.

  • More shares needed.

  • Token initialization cancelled.

  • Smart card formatted.

  • Removing existing external key token.

  • total number of shares shares written succesfully. Hardware token initialized.

  • Hardware token deleted succesfully.

  • External enroll: added certificate #certificate ID.

  • External enroll postponed: request was postponed by external CA.

  • External enroll failed: failed to fetch request.

  • Database connection failed. Retrying after delay.


PreviousNextUp[Front page] [Index]

===AUTO_SCHEMA_MARKUP===