1236 CHAPTER 97: PKI CONFIGURATION
Failed to Request a Local
Certificate
Symptom
Failed to request a local certificate.
Analysis
Possible reasons include these:
■ The network connection is not proper. For example, the network cable may be
damaged or loose.
■ No CA certificate has been retrieved.
■ The current key pair has been bound to a certificate.
■ No trusted CA is specified.
■ The URL of the enrollment server for certificate request is not correct or not
configured.
■ No RA is configured.
■ Some required parameters of the entity DN are not configured.
Solution
■ Make sure that the network connection is physically proper.
■ Retrieve a CA certificate.
■ Regenerate a key pair.
■ Specify a trusted CA.
■ Use the ping command to check that the RA server is reachable.
■ Configure the RA for certificate request.
■ Configure the required entity DN parameters.
Failed to Retrieve CRLs Symptom
Failed to retrieve CRLs.
Analysis
Possible reasons include these:
■ The network connection is not proper. For example, the network cable may be
damaged or loose.
■ No CA certificate has been retrieved before you try to retrieve CRLs.
■ The IP address of LDAP server is not configured.
■ The URL for CRL distribution is not configured.
■ The LDAP server version is wrong.
Solution
■ Make sure that the network connection is physically proper.
■ Retrieve a CA certificate.
■ Specify the IP address of the LADP server.
■ Specify the URL for CRL distribution.
■ Re-configure the LDAP version.
To Next Page
Loading...
