Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Reason
This problem occurs when the alias is missing for the CREATE, REVOKE, RECOVER, CHANGEPASSWORD, RENEW, DELETE requests.

...

Reason
This problem occurs when any of the mandatory information is missing in any of the certification request types. e.g. old or new password is missing in the ChangePassword request.

...

Problem
Failed to process request - the request contains an invalid old password for PKCS#12/PFX

Reason
This error occurs when the incorrect old password is provided in the ChangePassword request.

...

Problem
Failed to verify PKCS#10 certificate a request

Reason
This error occurs when incorrect PKCS#10 is sent to ADSS Certification Service

...

Reason
This error occurs when the user specifies an alias in the REVOKE, RENEW, REVOKE, CHANGEPASSWORD, or RECOVER request and that certificate is issued by another client.

...

Reason
This error occurs when the user puts the certificate in the REVOKE, RENEW, REVOKE, CHANGEPASSWORD, or RECOVER request and that certificate is issued by another client.

...

Solution
Make sure that database and network is are available and then retry with the request.

...

Reason
This error occurs when the system fails to delete a certificate due any unseen affair. e.g. database became unavailable while deleting the certificate etc

...

Reason
This error occurs when the system is unable to authenticate the user request.

Solution
You need to make sure that:

  • The Client name is correct
  • Profile name is correct. It should be in the format adss:certification:profile:001 (NR)

...

Reason
This error occurs when the license for the service is expired. Expiry based on two factors, either the specified transactions count in the license is reached or the contractual time is elapsed.

Solution
Ask Ascertia Ltd. for a renewed license at: sales@ascertia.com.

...

Reason
This error occurs when all attributes in Subject Distinguished Name field in certification profile is set overridable and the client does not provide any RDN in the request

...

Reason
This error occurs when the system fails to revoke a certificate due to any unseen affair. e.g. database became unavailable while inserting the revocation information etc

...

Reason
This error occurs when "Client request messages must be signed" checkbox is checked on the Certification Service > Service Manager page and client request is unsigned.

...

Reason
This error occurs when user send the request to the certification and it is not according to the Ascertia's XML schema.

Solution
Make the request according to the schema. Schema The schema for the certification service can be found at: <ADSS-Server-Installation-Dir.>/service/schemas directory.

...

Reason
This error occurs when the user tries to revoke a certificate that is issued by an external CA. External CA could be another instance of ADSS Server or Microsoft CA. You can not revoke a certificate in either case.

...

Reason
This error occurs when the user tries to revoke and already revoked the certificate.

Solution
Do not revoke the certificate anymore

...

Reason
This error occurs when the user tries to renew a revoked certificate

...

  • Reinstate the certificate if it is revoked with holdInstructionCode and then try to renew
  • Get a new certificate issued from by the certification service

...

Reason
This error occurs when the client application is sending a PKCS#10 CSR and it not compliant with certification profile e.g.

  • Key algorithm configured in the profile is different than the PKCS#10 algorithm. Also it is not marked as overridable.
  • Key size configured in the profile is different than the PKCS#10 key size. Also it is not marked as overridable.
  • Validity period configured in the profile is different than the PKCS#10 validity period. Also it is not marked as overridable.

...

Reason
This error occurs when the user is specifying an invalid revocation or hold instruction code in the certification request

...

Reason
This error occurs when PKCS#12 is not found in the database while renewing a certificate

Solution
This certificate can not cannot be renewed.

...

Error Code 43035 

...

Solution
Following are the possible solutions for to this problem:

  • Provide the PFX is the request in order to renew the certificate or
  • Renew a certificate with a new key pair by selecting the option " Renew certificate using new key pair" in the profile

...

Problem
Failed to process request - issuer DN in the request does not match with issuer DN found in the certificate

...

Reason
This error occurs when the client tries to revoke an expired certificate

...

Reason
This error occurs when the user tries to renew a revoked certificate

...

  • Reinstate the certificate if it is revoked with holdInstructionCode and then try to renew
  • Get a new certificate issued from by the certification service

...

Reason
This error occurs when Manage CAs module that used to configure the CAs is not enabled in the license. If this module is not licensed then certification service can not cannot generate the certificate.

...

Reason
This error occurs when the user is sending the certification request over SSL client authentication and that certificate is different from the one configured in the Client Manager module for the target client.

...

Reason
This error occurs when the CA configured in the target certification profile is marked as inactive because an inactive CA can not cannot issue the certificates

Solution
Use a different profile in which an active CA is configured

...

Solution
The solution to this problem is to check the above mentioned checkbox in Client Manager module, then restart the ADSS Certification Service for the changes to take into effect and then send the certification request.

...

Reason
This error occurs when the user tries to revoke a certificate whose Valid From date is in future.

...

Problem
Failed to process request - certification service is not enabled in the system

Reason
This error occurs when property ENABLE_SERVICE = FALSE in [ADSS-Server-Dir.]/service/certification.properties file.

...

Problem
Failed to process request - subject DN in the request does not match subject DN pattern defined in certification profile

Reason
This error occurs when the checkbox "" is checked in the certification profile. When this checkbox is checked then service verifies that subject DN provided in the request matches the subject DN pattern defined in certification profile. Follow the link for more details about pattern matching: Certification Service > Certification Profile

...

Problem
Failed to process request - default profile not configured and neither found in the request

Reason
This error occurs when no default certification profile is configured in the target client and neither provided through certification request.

...