Support User Manuals

ZyXEL Communications 2WG Network Card User Manual

Open as PDF

of 784

Chapter 26 Logs Screens

ZyWALL 2WG User’s Guide

505

Failed to decode the

received user cert

The router received a corrupted user certificate from the LDAP server

whose address and port are recorded in the Source field.

Failed to decode the

received CRL

The router received a corrupted CRL (Certificate Revocation List) from

the LDAP server whose address and port are recorded in the Source

field.

Failed to decode the

received ARL

The router received a corrupted ARL (Authority Revocation List) from

the LDAP server whose address and port are recorded in the Source

field.

Rcvd data <size> too

large! Max size

allowed: <max size>

The router received directory data that was too large (the size is listed)

from the LDAP server whose address and port are recorded in the

Source field. The maximum size of directory data that the router allows

is also recorded.

Cert trusted: <subject

name>

The router has verified the path of the certificate with the listed subject

name.

Due to <reason codes>,

cert not trusted:

<subject name>

Due to the reasons listed, the certificate with the listed subject name

has not passed the path verification. The recorded reason codes are

only approximate reasons for not trusting the certificate. Please see

Table 179 on page 505 for the corresponding descriptions of the

codes.

Table 179 Certificate Path Verification Failure Reason Codes

CODE DESCRIPTION

1 Algorithm mismatch between the certificate and the search constraints.

2 Key usage mismatch between the certificate and the search constraints.

3 Certificate was not valid in the time interval.

4 (Not used)

5 Certificate is not valid.

6 Certificate signature was not verified correctly.

7 Certificate was revoked by a CRL.

8 Certificate was not added to the cache.

9 Certificate decoding failed.

10 Certificate was not found (anywhere).

11 Certificate chain looped (did not find trusted root).

12 Certificate contains critical extension that was not handled.

13 Certificate issuer was not valid (CA specific information missing).

14 (Not used)

15 CRL is too old.

16 CRL is not valid.

17 CRL signature was not verified correctly.

18 CRL was not found (anywhere).

19 CRL was not added to the cache.

20 CRL decoding failed.

21 CRL is not currently valid, but in the future.

Table 178 PKI Logs (continued)

LOG MESSAGE DESCRIPTION

previous next