Crypto Events
The following are the events related to crypto.
Event ID: 3401
| Message | Function <CRYPTO_FUNC_NAME> passed selftest. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
Event ID: 3403 (Severity: Warning)
| Message | Attempted to install certificate of unsupported file format. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | Only certificates of extension .der and .pem can be installed. If user tries to install a certificate other than these formats this message is logged |
Event ID: 3405
| Message | Trust Anchor Profile <TRUST_ANCHOR_PRO_FILENAME> created. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message is logged when user creates a new TA profile. |
Event ID: 3406
| Message | Trust Anchor Profile <TRUST_ANCHOR_PRO_FILENAME> removed. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message is logged when user deletes a new TA profile. |
Event ID: 3407
| Message | Identify Profile <IDENTITY_PRO_FILENAME> created. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message is logged when user creates a new identity profile, which is used in creating a certificate/CSR. |
Event ID: 3408
| Message | Identity Profile <IDENTITY_PRO_FILENAME> removed. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message is logged when user deletes a new identity profile, which is used in creating a certificate/CSR. |
Event ID: 3409
| Message | Trust Anchor Root Certificate installed on Trust Anchor Profile <TRUST_ANCHOR_PRO_FILENAME>". |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message will be logged when user installs a root certificate against an existing trust anchor profile. |
Event ID: 3410
| Message | Self_signed certificate <SELF_SIGNED_CERTIFICATE_NAME> installed on Trust Anchor Profile <TRUST_ANCHOR_PRO_FILENAME> for usage <CERTIFICATE_USAGE> |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message will be logged when user installs a leaf/local certificate, which is self-signed against an existing trust anchor profile with a specific usage. |
Event ID: 3412
| Message | CA_signed certificate <CA_SIGNED_CERT_NAME> installed on Trust Anchor Profile <TRUST_ANCHOR_PRO_FILENAME> for usage <CERTIFICATE_USAGE>. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message will be logged when user installs a leaf/local certificate, which is signed by a CA against an existing trust anchor profile with a specific usage. |
Event ID: 3413
| Message | Local Certificate <LOCAL_CERTIFICATE_NAME> removed. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message will be logged when user removes a leaf/local certificate which is a CA signed or self-signed. |
Event ID: 3414 (Severity: Warning)
| Message | Certificate <LOCAL_CERTIFICATE_NAME> is invalid. The chain exceeeds 5 certificates. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | This message will be logged when user tries to install a local certificate chain with length (path-length) more than 5. |
Event ID: 3415 (Severity: Warning)
| Message | Attempted to install certificate containing formatting errors. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | This message will be logged when user tries to install a local certificate with error in the supported format (PEM or DER). |
Event ID: 3416 (Severity: Fatal)
| Message | Failed to initialize SSL connection for OpenFlow. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Fatal |
| Description | This message will be logged when SSL initialization fails during switch boot up. |
Event ID: 3420
| Message | Web server certificate migrated successfully. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message will be logged when a switch is loaded with pre-memphis build and with a web-certificate installed is upgraded to a later release and the migration of the web-certificate is successful to the newer release. |
Event ID: 3421
| Message | Web server certificate migration failed. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message will be logged when a switch is loaded with a pre-15.14 build and with a web-certificate installed is upgraded to a later release and the migration of the web-certificate is successful. |
Event ID: 3422
| Message | Web server key is too small for use. A new Web server certificate must be created. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message will be logged when a switch is loaded with a pre-15.14 build and with a web-certificate installed is upgraded to a later release and the migration of the web-certificate failed. |
Event ID: 3423 (Severity: Warning)
| Message | IDEVID certificate loading failed; IDEVID certificate is not present in this device or is corrupted. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | This message will be logged in scenarios where a switch with TPM does not have an IDEVID certificate installed or the installed IDEVID certificate is corrupted. |
Event ID: 3424 (Severity: Warning)
| Message | Certificate based authentication for SSH is not supported with ECDSA certificates. Please install RSA certificate. |
| Platforms | KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | This informs about the certificate based authentication for SSH is not supported with ECDSA certificates and to install RSA certificate. |
Event ID: 4756
| Message | Suite-B minLOS with security strength of <SECURITY_BIT_STRENGH (128 OR 192)> is set to <TLS> protocol in <STRICT|NORMAL> mode. |
| Platforms | K, KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message is logged when minLOS feature is configured for TLS protocol. |
Event ID: 4757
| Message | Suite-B minLOS with security strength of <SECURITY_BIT_STRENGH (128 or 192)> is removed for <TLS> protocol. |
| Platforms | K, KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message is logged when minLOS feature is unconfigured for TLS protocol. |
Event ID: 4758
| Message | Current <SSL/TLS> sessions terminated due to Suite-B policy enforcement. |
| Platforms | K, KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message is logged when user tries to configure minLOS when SSL/TLS sessions already exist on the device. |
Event ID: 4759 (Severity: Warning)
| Message | Certificate Signing Request(CSR) generation failed for the <RSA-2048/ECDSA-256/ECDSA-384> algorithm. |
| Platforms | K, KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | This message is logged when user tries to create a CSR and the creation failed with an error. |
Event ID: 4760 (Severity: Warning)
| Message | Self-signed certificate generation failed while generating using <RSA-2048/ECDSA-256/ECDSA-384>. |
| Platforms | K, KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | This message is logged when user tries to create a self-signed certificate and the creation failed with an error. |
Event ID: 4761 (Severity: Warning)
| Message | SSL connection failed as the server certificate with serial number <SERIAL_NUMBER> is revoked from <CRL|OCSP> the response. |
| Platforms | K, KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | This message is logged when a certificate with a specific serial is revoked by either OCSP or CRL |
Event ID: 4762
| Message | CRL download has started for the <TA_PROFILE_FILENAME> |
| Platforms | K, KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message is logged when CRL downloading is started for a TA profile. |
Event ID: 4763
| Message | CRL download is complete for the <TA_PROFILE_FILENAME>. |
| Platforms | K, KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message is logged when CRL downloading is completed for a TA profile. |
Event ID: 4764 (Severity: Warning)
| Message | CRL download failed for the <TA_PROFILE_FILENAME>. |
| Platforms | K, KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | This message is logged when CRL downloading is failed for a TA profile. |
Event ID: 4769
| Message | The CRL of TA profile <TA_PROFILE_FILENAME> has been deleted from both flash and memory. |
| Platforms | K, KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Information |
| Description | This message is logged when a CRL file of a TA profile is removed from the flash and memory. |
Event ID: 4770 (Severity: Warning)
| Message | Failed to resolve <OCSP_RESPONDER| CDP> domain <DOMAIN_NAME> |
| Platforms | K, KA, KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | This message is logged when OCSP responder or CDP domain could not be resolved. |
Event ID: 4771 (Severity: Warning)
| Message | The certificate revocation check for OCSP failed <since received UNKNOWN status from OCSP responder>. |
| Platforms | KB, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | This message is logged when the certificate revocation check for OCSP failed since an UNKNOWN status was received from OCSP responder. |
Event ID: 4775 (Severity: Warning)
| Message | DRBG Re-Seed triggered- Entropy pool Re-Seeded. |
| Platforms | K, KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | This message is logged when reseeding is triggered due to insufficient entropy. |
Event ID: 4777 (Severity: Warning)
| Message | Default RSA key size changed to <1024> for <Certificate Manager> application. |
| Platforms | KA, KB, RA, WB, WC, YA, YB, YC |
| Category | Crypto |
| Severity | Warning |
| Description | crypto: Default RSA key size changed to 2048 for certificate manager application. |
Event ID: 4778
| Message | Certificate extension <SAN/CN> check is enabled for <APP_STR>. |
| Platforms | KB, WB, WC, YC |
| Category | Crypto |
| Severity | Information |
| Description | crypto: Event log when the Attribute check in the peer certificate is enabled |
Event ID: 4779
| Message | Certificate extension <SAN/CN> check is disabled for <APP_STR>. |
| Platforms | KB, WB, WC, YC |
| Category | Crypto |
| Severity | Information |
| Description | crypto: Event log when the Attribute check in the peer certificate is disabled |