Skip to content

SSL ERRORS

SSL ERRORS

Error CodeError Code(Decimal)Error Code(Hex)Error Message
NSERR_SSL_CERT15360x600Invalid certificate
NSERR_SSL_PKEY15370x601Invalid private key, or PEM pass phrase required for this private key
NSERR_SSL_NOMATCH15380x602Certificate and private key do not match
NSERR_SSL_CERTTYPE15390x603Invalid cetificate type
NSERR_SSL_NOCERT15400x604Certificate does not exist
NSERR_SSL_REFEXT15410x605Certificate is referenced by a CRL, OCSP responder, vserver, service, monitor, SSL profile, CA Cert Group, another certificate, or a policy expression using XML_ENCRYPT() or XML_DECRYPT()
NSERR_SSL_BIND15420x606Certificate binding does not exist
NSERR_SSL_LINK15430x607Certificate cant be linked to the same certificate
NSERR_SSL_NEED_SSLPROTO15440x608Objects protocol type is not SSL
NSERR_SSL_NOLINK15450x609Certificate does not have any CA link
NSERR_SSL_BINDOR15460x60ACurrent certificate replaces the previous binding
NSERR_SSL_NOSVRCERT15470x60BCertificate is not a server/client certificate
NSERR_SSL_ISSUBMIS15480x60CIssuer certificate mismatch
NSERR_SSL_CRL15490x60DInvalid CRL
NSERR_SSL_NOCRL15500x60ECRL does not exist
NSERR_SSL_DHCOUNT15510x60FDH Refresh count should be 0 or >=500
NSERR_SSL_SESSTO15520x610Session timeout should be > 0
NSERR_SSL_ERSACOUNT15530x611eRSA Refresh count should be 0 or >=500
NSERR_SSL_DH_SIZE15540x612DH params of size greater than 4096 bits not supported
NSERR_DHPATH15550x613DH file path mandatory if DH enabled
NSERR_CERTHEADER15560x614Cert header tag mandatory if cert enabled
NSERR_SESSHEADER15570x615Sess header tag mandatory if sess enabled
NSERR_CIPHER_PERM15580x616Default ciphers/aliases cannot be added or removed
NSERR_SSL_ERSADISABLED15590x617Setting eRSA count when eRSA is disabled
NSERR_SSL_DHDISABLED15600x618Setting DH count when DH is disabled
NSERR_SSL_SESSDISABLED15610x619Setting session timeout when session reuse is disabled
NSERR_SSL_PKEY_SIZE15620x61ACertificate with key size greater than RSA4096 or DSA2048 bits not supported
NSERR_SSL_NOT_APPLICABLE15630x61BOption is not applicable for this type of service
NSERR_CERTDNHEADER15640X61CCert DN tag mandatory if cert-DN enabled
NSERR_CERTISSUERHEADER15650X61DCert issuer tag mandatory if cert-issuer enabled
NSERR_CIPHERHEADER15660X61ECipher tag mandatory if cipher header enabled
NSERR_SSL_INTERNALERR15670x61FInternal Error
NSERR_SSL_NOCACERT15680x620cacert does not exists
NSERR_SSL_REFRESHDIS15690x621crl refresh disabled
NSERR_SSL_SVRPORTNEEDED15700x622Server/port information is needed for enabling auto refresh
NSERR_SSL_BASEOBJNEEDED15710x623baseDN is required for enabling auto refresh
NSERR_SSL_CIPHER_REDIRECT15720x624Send Internal Cipher mismatch error page
NSERR_SSL_NODSA15730x625Loading of certificate and key of type DSA(DSS) is not supported with FIPS
NSERR_SSL_FIPSREFEXT15740x626The FIPS key is referenced by a certificate
NSERR_SSL_NOFIPSKEY15750x627No such FIPS key
NSERR_NOFIPSCARD15760x628Operation not permitted - no FIPS card present in the system
NSERR_FIPSCARDNOTCONF15770x629Operation not permitted - FIPS card is not configured
NSERR_SSL_SSLV2_REDIRECT15780x62ASend Internal SSL protocol mismatch error page
NSERR_SSL_MODSIZE6415790x62BModulus size in bytes should be multiple of 64
NSERR_SSL_NONFIPSKEY15800x62CConfiguration of non-FIPS key on FIPS system not allowed
NSERR_NFIPS_FIPS_UPD15810x62DCannot update a non-FIPS certificate with a FIPS certificate
NSERR_FIPS_NFIPS_UPD15820x62ECannot update a FIPS certificate with a non-FIPS certificate
NSERR_SSL_ISSUER_NOTIN_GLBCERTLIST15830x62FUnable to find the CA certificate for the CRL
NSERR_SSL_CRLSIGCHECK_FAIL15840x630Signature check on the CRL failed
NSERR_SSL_PORTREWRITE15850x631SSL port rewrite can be enabled only when SSL redirect is enabled
NSERR_SSL_SSLV2_RENEG_CLIENT_CERT15860x632Send Internal error page for SSLv2 protocol and client authentication with session renegotiation
NSERR_SSL_BRKLINK15870x633All incompatible CA links/Cert bindings were broken during the update operation
NSERR_SSL_CERT_NOT_YET_VALID15880x634The specified certificate is not yet valid
NSERR_SSL_CERT_EXPIRED15890x635The certificate has expired
NSERR_SSL_EXPIRED_BRKLINK15900x636All incompatible CA links were broken during the update operation. (Note: the certificate has expired)
NSERR_SSL_NYVALID_BRKLINK15910x637All incompatible CA links were broken during the update operation. (Note: the certificate is not yet valid)
NSERR_SSL_OCSP_RESPCERT15920x638No such responder certificate.
NSERR_SSL_OCSP_SIGNCERT15930x639No such signing certificate.
NSERR_SSL_NO_SESS_TKT15940x63ASession Ticket feature is not supported on FIPS platform
NSERR_SSL_OCSP_INVALID_AIA15950x63BInvalid OCSP AIA URL found
NSERR_SSL_OCSP_AIA_LEN_NOT_SUPPORTED15960x63COCSP AIA URL length is should be <126
NSERR_SSL_SSL3_SUPPORT15970x63DEnabling of SSLv3 is not supported on this platform.
NSERR_SSL_BOUNDTO_SSLACTION15980x63EVserver cannot be removed as its referenced by one or more SSL Actions. Remove SSL action(s) prior to removing vserver.
NSERR_SSL_INVALID_SESS_TKT_DATA15990x63Finvalid session ticket key data len, length should be 64 bytes
NSERR_SSL_SAME_VS_IN_FORWARD16000x640Vserver to which packets will be forwarded cannot be same as the vserver to which this policy is getting bound.
NSERR_NAME_ALPHANUM_DASH133580xd1eName must only contain alphanumeric characters and dashes and cannot start with a number.
NSERR_SSL_PROFILE_SSLI_NOT_ALLOWED33700xd2aSSL interception can only be enabled on profile bound to proxy vserver
NSERR_SSL_CTX_SSLI_PROFILE_NOT_ALLOWED33710xd2bProfile with SSL interception enabled cannot be set on non proxy vservers
NSERR_SSL_PROFILE_SSLI_CLUSTER_NOT_SUPPORTED33720xd2cSSL interception is not supported on cluster
NSERR_SSL_DEFAULT_PROFILE_SSLI_NOT_SUPPORTED33730xd2dSSL interception cannot be enabled on default frontend SSL profile