Failed to request a local certificate, Symptom, Analysis – H3C Technologies H3C S5120 Series Switches User Manual

1-22

Failed to Request a Local Certificate

Symptom

Failed to request a local certificate.

Analysis

Possible reasons include these:

z

The network connection is not proper. For example, the network cable may be damaged or loose.

z

No CA certificate has been retrieved.

z

The current key pair has been bound to a certificate.

z

No trusted CA is specified.

z

The URL of the registration server for certificate request is not correct or not configured.

z

No authority is specified for certificate request.

z

Some required parameters of the entity DN are not configured.

Solution

z

Make sure that the network connection is physically proper.

z

Retrieve a CA certificate.

z

Regenerate a key pair.

z

Specify a trusted CA.

z

Use the ping command to check that the RA server is reachable.

z

Specify the authority for certificate request.

z

Configure the required entity DN parameters.

Failed to Retrieve CRLs

Symptom

Failed to retrieve CRLs.

Analysis

Possible reasons include these:

z

The network connection is not proper. For example, the network cable may be damaged or loose.

z

No CA certificate has been retrieved before you try to retrieve CRLs.

z

The IP address of LDAP server is not configured.

z

The CRL distribution URL is not configured.

z

The LDAP server version is wrong.

Solution

z

Make sure that the network connection is physically proper.

z

Retrieve a CA certificate.

z

Specify the IP address of the LDAP server.

z

Specify the CRL distribution URL.

z

Re-configure the LDAP version.