Error messages

Error messages

Error Message

Explanation

The TA profile %s does not exist.

Fail the revocation-check command when a given ta-profile is not already configured on the switch. And Fail the clear crl command if an invalid ta-profile is given.

The TA profile %s has no certificate configured.

Fail the revocation-check command if TA certificate associated to the given profile is not already downloaded.

The URL length exceeds the maximum allowed length of 255 characters.

Restrict length of the URL revocation URL to 255 characters.

Either the TA certificate is not installed or the revocation check is not set to CRL.
A warning message will be displayed if any of the following is not completed when this command is run.
  1. If revocation check is not CRL.

  2. If TA certificate is not installed.

Do you want to delete all the CRLs? Continue (y/n):

A prompt is given to user to select y/n before deleting all CRLs.

Do you want to delete the CRL of the TA profile %s? Continue (y/n):

A prompt is given to user to select y/n before deleting CRL of the TA profile.

The SuiteB-minLoS command in strict mode is mutually exclusive, with minimum TLS configured for an application.

Following is the command which needs to be mutually exclusive with the SuiteB-minLOS command if its configured in strict mode for SSL: [no] tls application {web-ssl | openflow | syslog | tr69 | cloud | all} lowest-version {tls1.0 | tls 1.1| tls 1.2 | default } [cipher {aes256-sha256 | aes256-sha | aes128-sha256 | aes128-sha | des3-cbc-sha | ecdh-rsa-aes128-gcm-sha256}]

Do you want to terminate the existing SSL/TLS sessions? Continue (y/n):

When minLOS is configured for TLS, prompt the user to kill the existing SSL/TLS sessions.

All manager level %s public keys will be deleted. Continue (y/n):

A warning message when user tries to clear all the manager keys with key type (rsa/dsa) specified.

All operator level %s public keys will be deleted. Continue (y/n):

A warning message when user tries to clear all the operator keys with key type (rsa/dsa) specified.

All operator level %s public keys will be deleted. Continue (y/n):

A warning message when user tries to clear all the keys with key type (rsa/dsa) specified.

The CRL is not downloaded or not available in the switch.

An error message when CRL is not available in the switch and when user checks the revocation status of a certificate using the command show crypto pki ta-profile ta1 crl certificate-serial-num 0x3535456889ccce2e.

A DNS server must be configured before configuring the named URL for CRL/OCSP.

An error message when a named URL is configured without DNS is on switch configured.

A CRL URL must begin with ldap://.

The URL scheme should ‘ldap’ for CRL.

An OCSP URL must begin with http:// or https://.

The URL scheme should be ‘http’ or ‘https’ for OCSP anything else should be given an error.

A self-signed certificate requires a TA profile. One of the existing TA profiles must be removed before a self-signed certificate may be created.

A default profile does not already exist and the ten TA profiles are already in use (preventing creation of the ‘default’ TA profile.) The maximum number of TA profiles is ten; and one of those ten TA profiles is reserved for self-signed (the default profile).

No matching CSR found. Certificate validation failed.

If there is no CSR present on the switch, then the certificate cannot be matched.

Certificate "<cert name>" already exists".

The specified certificate name is already used.

Configuration failed. Incomplete certificate chain.

The certificate chain is incomplete.

The certificate has expired or is not yet valid.

The certificate is invalid.

Configuration failed. The specified key is not available. Please wait and try again.

The crypto keys are not available.

Certificate name is too long. The maximum length is 20.

The certificate name exceeds the maximum length allowed.

Certificate subject does not match the existing certificate associated with Trust Anchor profile <TA-Profile-Name>.

Overwriting a configured TA certificate.

File format not recognized or file is corrupted. Certificate validation failed.

There is a problem with the file, such a corruption.

Key generation in progress, try again later.

The key is not generated yet during a request for a CSR.

No matching CSR found. Certificate validation failed.

There is no CSR present on the switch, the certificate cannot be matched.

Profile was not added. The maximum number of profiles is %d

User tried to add the tenth TA profile.

Removing this TA profile will also remove all associated certificates. Continue (y/n) ?

Removing a TA profile removes all associated certificates. The following warning/query appears.

TA Profile%s does not exist.

During deletion, the mentioned TA profile is not existing / not configured.

The certificate cannot be verified because the associated Trust Anchor profile has no certificate configured.

The Trust Anchor certificate is not installed on the switch against the specified TA profile.

The default value for start date is the current date and the default value for the end date is the current date plus one year.

When enrolled for self-signing without having a switch identity profile or subject fields in the command line.

The existing certificate for this TA profile [%s] will be replaced. Continue (y/n)?

The mentioned TA profile certificate already exists and the user attempts to install a new certificate over the existing one.

Enter Common Name(CN) :
Enter Org Unit(OU) :
Enter Org Name(O) :
Enter Locality(L) : 
Enter State(ST) :
Enter Country(C) :

Prompts appear if the required fields are not given as arguments.