IDES Interactive Knowledge Base

Certificate Error Codes

Last Updated: Dec 29, 2014 10:43AM CST
Status Description
CtlNotSignatureValid Specifies that the certificate trust list (CTL) contains an invalid signature.
CtlNotTimeValid Specifies that the certificate trust list (CTL) is not valid because of an invalid time value, such as one that indicates that the CTL has expired.
Cyclic Specifies that the X509 chain could not be built.
HasExcludedNameConstraint Specifies that the X509 chain is invalid because a certificate has excluded a name constraint.
HasNotDefinedNameConstraint Specifies that the certificate has an undefined name constraint.
HasNotPermittedNameConstraint Specifies that the certificate has an impermissible name constraint.
HasNotSupportedNameConstraint Specifies that the certificate does not have a supported name constraint or has a name constraint that is unsupported.
InvalidBasicConstraints Specifies that the X509 chain is invalid due to invalid basic constraints.
InvalidExtension Specifies that the X509 chain is invalid due to an invalid extension.
InvalidNameConstraints Specifies that the X509 chain is invalid due to invalid name constraints.
InvalidPolicyConstraints Specifies that the X509 chain is invalid due to invalid policy constraints.
NoError Specifies that the X509 chain has no errors.
NoIssuanceChainPolicy Specifies that there is no certificate policy extension in the certificate. This error would occur if a group policy has specified that all certificates must have a certificate policy.
NotSignatureValid Specifies that the X509 chain is invalid due to an invalid certificate signature.
NotTimeNested Deprecated. Specifies that the CA (certificate authority) certificate and the issued certificate have validity periods that are not nested. For example, the CA cert can be valid from January 1 to December 1 and the issued certificate from January 2 to December 2, which would mean the validity periods are not nested.
NotTimeValid Specifies that the X509 chain is not valid due to an invalid time value, such as a value that indicates an expired certificate.
NotValidForUsage Specifies that the key usage is not valid.
OfflineRevocation Specifies that the online certificate revocation list (CRL) the X509 chain relies on is currently offline.
PartialChain Specifies that the X509 chain could not be built up to the root certificate.
RevocationStatusUnknown Specifies that it is not possible to determine whether the certificate has been revoked. This can be due to the certificate revocation list (CRL) being offline or unavailable.
Revoked Specifies that the X509 chain is invalid due to a revoked certificate.
UntrustedRoot Specifies that the X509 chain is invalid due to an untrusted root certificate.
8cbd1ad8a75f68469f58a890843cbdbe@ides.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete