Solution, Failed to request a local certificate, Symptom – H3C Technologies H3C S3600 Series Switches User Manual
Page 1185: Analysis, Failed to retrieve crls
1-20
z
The network connection is not proper. For example, the network cable may be damaged or loose.
z
No trusted CA is specified.
z
The URL of the registration server for certificate request is not correct or not configured.
z
No authority is specified for certificate request.
z
The system clock of the device is not synchronized with that of the CA.
Solution
z
Make sure that the network connection is physically proper.
z
Check that the required commands are configured properly.
z
Use the ping command to check that the RA server is reachable.
z
Specify the authority for certificate request.
z
Synchronize the system clock of the device with that of the CA.
Failed to Request a Local Certificate
Symptom
Failed to request a local certificate.
Analysis
Possible reasons include these:
z
The network connection is not proper. For example, the network cable may be damaged or loose.
z
No CA certificate has been retrieved.
z
The current key pair has been bound to a certificate.
z
No trusted CA is specified.
z
The URL of the registration server for certificate request is not correct or not configured.
z
No authority is specified for certificate request.
z
Some required parameters of the entity DN are not configured.
Solution
z
Make sure that the network connection is physically proper.
z
Retrieve a CA certificate.
z
Regenerate a key pair.
z
Specify a trusted CA.
z
Use the ping command to check that the RA server is reachable.
z
Specify the authority for certificate request.
z
Configure the required entity DN parameters.
Failed to Retrieve CRLs
Symptom
Failed to retrieve CRLs.
Analysis
Possible reasons include these:
z
The network connection is not proper. For example, the network cable may be damaged or loose.
z
No CA certificate has been retrieved before you try to retrieve CRLs.
z
The IP address of LDAP server is not configured.