Failed to request a local certificate, Symptom, Analysis – H3C Technologies H3C SecPath F1000-E User Manual
Page 336: Solution, Failed to retrieve crls
324
•
Synchronize the system clock of the device with that of the CA.
Failed to request a local certificate
Symptom
Failed to request a local certificate.
Analysis
Possible reasons include:
•
The network connection is not proper. For example, the network cable might be damaged or loose.
•
No CA certificate has been retrieved.
•
The current key pair has been bound to a certificate.
•
No trusted CA is specified.
•
The URL of the registration server for certificate request is not correct or not configured.
•
No authority is specified for certificate request.
•
Some required parameters of the entity DN are not configured.
Solution
•
Make sure that the network connection is physically proper.
•
Retrieve a CA certificate.
•
Regenerate a key pair.
•
Specify a trusted CA.
•
Use the ping command to check that the RA server is reachable.
•
Specify the authority for certificate request.
•
Configure the required entity DN parameters.
Failed to retrieve CRLs
Symptom
Failed to retrieve CRLs.
Analysis
Possible reasons include:
•
The network connection is not proper. For example, the network cable might be damaged or loose.
•
No CA certificate has been retrieved before you try to retrieve CRLs.
•
The IP address of LDAP server is not configured.
•
The CRL distribution URL is not configured.
•
The LDAP server version is wrong.
Solution
•
Make sure that the network connection is physically proper.
•
Retrieve a CA certificate.
•
Specify the IP address of the LDAP server.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS