Citrix ADC 12.1 NITRO API Reference

SSL ERRORS

SSL ERRORS

Error Code Error Code(Decimal) Error Code(Hex) Error Message
NSERR_SSL_CERT 1536 0x600 Invalid certificate
NSERR_SSL_PKEY 1537 0x601 Invalid private key, or PEM pass phrase required for this private key
NSERR_SSL_NOMATCH 1538 0x602 Certificate and private key do not match
NSERR_SSL_CERTTYPE 1539 0x603 Invalid cetificate type
NSERR_SSL_NOCERT 1540 0x604 Certificate does not exist
NSERR_SSL_REFEXT 1541 0x605 Certificate is referenced by a CRL, OCSP responder, vserver, service, monitor, SSL profile, CA Cert Group, another certificate, or a policy expression using XML_ENCRYPT() or XML_DECRYPT()
NSERR_SSL_BIND 1542 0x606 Certificate binding does not exist
NSERR_SSL_LINK 1543 0x607 Certificate cant be linked to the same certificate
NSERR_SSL_NEED_SSLPROTO 1544 0x608 Objects protocol type is not SSL
NSERR_SSL_NOLINK 1545 0x609 Certificate does not have any CA link
NSERR_SSL_BINDOR 1546 0x60A Current certificate replaces the previous binding
NSERR_SSL_NOSVRCERT 1547 0x60B Certificate is not a server/client certificate
NSERR_SSL_ISSUBMIS 1548 0x60C Issuer certificate mismatch
NSERR_SSL_CRL 1549 0x60D Invalid CRL
NSERR_SSL_NOCRL 1550 0x60E CRL does not exist
NSERR_SSL_DHCOUNT 1551 0x60F DH Refresh count should be 0 or >=500
NSERR_SSL_SESSTO 1552 0x610 Session timeout should be > 0
NSERR_SSL_ERSACOUNT 1553 0x611 eRSA Refresh count should be 0 or >=500
NSERR_SSL_DH_SIZE 1554 0x612 DH params of size greater than 4096 bits not supported
NSERR_DHPATH 1555 0x613 DH file path mandatory if DH enabled
NSERR_CERTHEADER 1556 0x614 Cert header tag mandatory if cert enabled
NSERR_SESSHEADER 1557 0x615 Sess header tag mandatory if sess enabled
NSERR_CIPHER_PERM 1558 0x616 Default ciphers/aliases cannot be added or removed
NSERR_SSL_ERSADISABLED 1559 0x617 Setting eRSA count when eRSA is disabled
NSERR_SSL_DHDISABLED 1560 0x618 Setting DH count when DH is disabled
NSERR_SSL_SESSDISABLED 1561 0x619 Setting session timeout when session reuse is disabled
NSERR_SSL_PKEY_SIZE 1562 0x61A Certificate with key size greater than RSA4096 or DSA2048 bits not supported
NSERR_SSL_NOT_APPLICABLE 1563 0x61B Option is not applicable for this type of service
NSERR_CERTDNHEADER 1564 0X61C Cert DN tag mandatory if cert-DN enabled
NSERR_CERTISSUERHEADER 1565 0X61D Cert issuer tag mandatory if cert-issuer enabled
NSERR_CIPHERHEADER 1566 0X61E Cipher tag mandatory if cipher header enabled
NSERR_SSL_INTERNALERR 1567 0x61F Internal Error
NSERR_SSL_NOCACERT 1568 0x620 cacert does not exists
NSERR_SSL_REFRESHDIS 1569 0x621 crl refresh disabled
NSERR_SSL_SVRPORTNEEDED 1570 0x622 Server/port information is needed for enabling auto refresh
NSERR_SSL_BASEOBJNEEDED 1571 0x623 baseDN is required for enabling auto refresh
NSERR_SSL_CIPHER_REDIRECT 1572 0x624 Send Internal Cipher mismatch error page
NSERR_SSL_NODSA 1573 0x625 Loading of certificate and key of type DSA(DSS) is not supported with FIPS
NSERR_SSL_FIPSREFEXT 1574 0x626 The FIPS key is referenced by a certificate
NSERR_SSL_NOFIPSKEY 1575 0x627 No such FIPS key
NSERR_NOFIPSCARD 1576 0x628 Operation not permitted - no FIPS card present in the system
NSERR_FIPSCARDNOTCONF 1577 0x629 Operation not permitted - FIPS card is not configured
NSERR_SSL_SSLV2_REDIRECT 1578 0x62A Send Internal SSL protocol mismatch error page
NSERR_SSL_MODSIZE64 1579 0x62B Modulus size in bytes should be multiple of 64
NSERR_SSL_NONFIPSKEY 1580 0x62C Configuration of non-FIPS key on FIPS system not allowed
NSERR_NFIPS_FIPS_UPD 1581 0x62D Cannot update a non-FIPS certificate with a FIPS certificate
NSERR_FIPS_NFIPS_UPD 1582 0x62E Cannot update a FIPS certificate with a non-FIPS certificate
NSERR_SSL_ISSUER_NOTIN_GLBCERTLIST 1583 0x62F Unable to find the CA certificate for the CRL
NSERR_SSL_CRLSIGCHECK_FAIL 1584 0x630 Signature check on the CRL failed
NSERR_SSL_PORTREWRITE 1585 0x631 SSL port rewrite can be enabled only when SSL redirect is enabled
NSERR_SSL_SSLV2_RENEG_CLIENT_CERT 1586 0x632 Send Internal error page for SSLv2 protocol and client authentication with session renegotiation
NSERR_SSL_BRKLINK 1587 0x633 All incompatible CA links/Cert bindings were broken during the update operation
NSERR_SSL_CERT_NOT_YET_VALID 1588 0x634 The specified certificate is not yet valid
NSERR_SSL_CERT_EXPIRED 1589 0x635 The certificate has expired
NSERR_SSL_EXPIRED_BRKLINK 1590 0x636 All incompatible CA links were broken during the update operation. (Note: the certificate has expired)
NSERR_SSL_NYVALID_BRKLINK 1591 0x637 All incompatible CA links were broken during the update operation. (Note: the certificate is not yet valid)
NSERR_SSL_OCSP_RESPCERT 1592 0x638 No such responder certificate.
NSERR_SSL_OCSP_SIGNCERT 1593 0x639 No such signing certificate.
NSERR_SSL_NO_SESS_TKT 1594 0x63A Session Ticket feature is not supported on FIPS platform
NSERR_SSL_OCSP_INVALID_AIA 1595 0x63B Invalid OCSP AIA URL found
NSERR_SSL_OCSP_AIA_LEN_NOT_SUPPORTED 1596 0x63C OCSP AIA URL length is should be <126
NSERR_SSL_SSL3_SUPPORT 1597 0x63D Enabling of SSLv3 is not supported on this platform.
NSERR_SSL_BOUNDTO_SSLACTION 1598 0x63E Vserver cannot be removed as its referenced by one or more SSL Actions. Remove SSL action(s) prior to removing vserver.
NSERR_SSL_INVALID_SESS_TKT_DATA 1599 0x63F invalid session ticket key data len, length should be 64 bytes
NSERR_SSL_SAME_VS_IN_FORWARD 1600 0x640 Vserver to which packets will be forwarded cannot be same as the vserver to which this policy is getting bound.
NSERR_NAME_ALPHANUM_DASH1 3358 0xd1e Name must only contain alphanumeric characters and dashes and cannot start with a number.
NSERR_SSL_PROFILE_SSLI_NOT_ALLOWED 3370 0xd2a SSL interception can only be enabled on profile bound to proxy vserver
NSERR_SSL_CTX_SSLI_PROFILE_NOT_ALLOWED 3371 0xd2b Profile with SSL interception enabled cannot be set on non proxy vservers
NSERR_SSL_PROFILE_SSLI_CLUSTER_NOT_SUPPORTED 3372 0xd2c SSL interception is not supported on cluster
NSERR_SSL_DEFAULT_PROFILE_SSLI_NOT_SUPPORTED 3373 0xd2d SSL interception cannot be enabled on default frontend SSL profile
SSL ERRORS

In this article