Error codes in this section include:
-1201 0xFFFFFB4F PKI E FILE CREATE
Source:
Novell Certificate Server
Explanation:
The client workstation could not create the specified file.
The server could not create a temporary file on volume sys:.
Possible Cause:
The user does not have rights to create the specified file.
Action:
Give the proper rights to the user, perform the operation as the administrative user, or specify a different location to store the file.
Possible Cause:
The file system on the specified client or server is full.
Action:
Delete any unneeded files on the specified file system, or specify a different location to store the file.
Possible Cause:
Volume sys: is full.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1202 0xFFFFFB4E PKI E FILE OPEN
Source:
Novell Certificate Server
Explanation:
The client workstation could not create the specified file.
The server could not create a temporary file on volume sys:.
Possible Cause:
The user does not have rights to create the specified file.
Action:
Give the proper rights to the user, perform the operation as the administrative user, or specify a different location to store the file.
Possible Cause:
The specified file has been deleted or moved.
Action:
Specify another file, or restore the file from backup.
Possible Cause:
The file system on the specified client or server is full.
Action:
Delete any unneeded files on the specified file system, or specify a different location to store the file.
Possible Cause:
Volume sys: is full.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1203 0xFFFFFB4D PKI E FILE READ
Source:
Novell Certificate Server
Explanation:
The client workstation was unable to read the specified file.
The server could not create a temporary file that it had previously created on volume sys:.
Possible Cause:
The user does not have rights to read the specified file.
Action:
Give the proper rights to the user, or perform the operation as the administrative user.
Possible Cause:
The specified file has been deleted or moved.
Action:
Specify another file, or restore the file from backup.
Possible Cause:
The temporary file previously created on volume sys: has been deleted or moved.
Action:
Retry the operation.
Possible Cause:
The server is out of memory.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Unload any unnecessary applications on the server and try the operation again.
-
Unload pki.nlm, reload it, and try the operation again.
-
Restart the server.
-1204 0xFFFFFB4C PKI E FILE WRITE
Source:
Novell Certificate Server
Explanation:
All the data was not written to the specified file.
All the data was not written to a temporary file created on volume sys:.
Possible Cause:
The user does not have rights to write to the specified file.
Action:
Give the proper rights to the user, perform the operation as the administrative user, or specify a different file.
Possible Cause:
The file system on the specified client or server is full.
Action:
Delete any unneeded files on the specified file system, or specify a different location to store the file.
Possible Cause:
Volume sys: is full.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1205 0xFFFFFB4B PKI E FILE SEEK
Source:
Novell Certificate Server
Explanation:
The server could not determine the size of the temporary file on volume sys:
Possible Cause:
The temporary file previously created on volume sys: has been deleted or moved.
Action:
Retry the operation.
-1206 0xFFFFFB4A PKI E CRYPT INIT
Source:
Novell Certificate Server
Explanation:
Not currently used.
Possible Cause:
An old version of the pki.nlm is being used.
-1207 0xFFFFFB49 PKI E NO KEY FILE
Source:
Novell Certificate Server
Explanation:
Not currently used.
Possible Cause:
An old version of the pki.nlm is being used.
-1208 0xFFFFFB48 PKI E GENERATE KEY
Source:
Novell Certificate Server
Explanation:
Not currently used.
Possible Cause:
An old version of the pki.nlm is being used.
-1209 0xFFFFFB47 PKI E KEY SIZE NOT SUPPORTED
Source:
Novell Certificate Server
Explanation:
The requested key size is not allowed by Novell International Cryptographic Infrastructure (NICI).
Possible Cause:
NetWare® Administrator is being used to administer Novell Certificate Server.
Possible Cause:
Pki.nlm is not compatible with the version of the Novell Certificate Server snap-in used in ConsoleOne.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
A third-party application using the Novell Certificate Server APIs requested a key size that is too large.
Action:
Contact the vendor of the third-party application.
-1210 0xFFFFFB46 PKI E KEYS ALREADY EXIST
Source:
Novell Certificate Server
Explanation:
A key pair already exists for the Organizational Certificate Authority.
Possible Cause:
An Organizational Certificate Authority has already been created.
Action:
No action is necessary if the existing Organizational Certificate Authority is still valid. If it is not, perform all of the following operations:
-
Delete the Organizational Certificate Authority object.
-
Wait for eDirectory or NDS to synchronize.
-
Create a new Organizational Certificate Authority using ConsoleOne.
WARNING:Use care when deleting the Organizational Certificate Authority. After the Organizational Certificate Authority object is deleted, all User and Server Certificates signed by the Certificate Authority will cease to be valid and should be deleted. After the new Organizational Certificate Authority has been created, certificates for user and servers can be re-created as needed.
WARNING:Use care when deleting User Certificates. Deleting a User Certificate also deletes the user’s private key. Without the private key, data encrypted using the public key in the certificate (for example., e-mail) cannot be decrypted.
Possible Cause:
The Organizational Certificate Authority object has been deleted, but eDirectory or NDS has not yet synchronized.
Action:
The partition that the Organizational Certificate Authority’s object resides in must be synchronized to all servers that hold a replica before a new Organizational Certificate Authority can be created. Normally, synchronization will occur automatically, but it may take some time. If synchronization does not occur within a reasonable timeframe, run dsrepair.nlm on the servers in the replica ring.
-1211 0xFFFFFB45 PKI E UPDATE KMO
Source:
Novell Certificate Server
Explanation:
A certificate with the specified key pair name already exists for the specified server.
Possible Cause:
A server certificate with the specified key pair name has already been created for the server.
Action:
If the existing server certificate is no longer valid and another certificate with the same key pair name is desired, perform all of the following operations:
-
Delete the Server Certificate object that holds the server certificate.
-
Wait for eDirectory or NDS to synchronize.
-
Create a new server certificate using ConsoleOne. The key pair name originally specified can now be used.
If the existing certificate is still in use or is still necessary, do not delete it. Instead, create another server certificate with a different name.
Possible Cause:
The Server Certificate object that holds the server certificate has been deleted, but eDirectory or NDS has not yet synchronized.
Action:
The partition in which the Server Certificate object resides must be synchronized to all servers that hold a replica before a new server certificate can be created for the same server with the same key pair name. Normally, synchronization will occur automatically, but it may take some time. If synchronization does not occur within a reasonable timeframe, run dsrepair.nlm on the servers in the replica ring.
-1212 0xFFFFFB44 PKI E INSUFFICIENT MEMORY
Source:
Novell Certificate Server
Explanation:
Memory could not be allocated on either the client workstation or the server.
Possible Cause:
Other applications running on the client are consuming memory.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Exit any unnecessary applications on the client, then try the operation again.
-
Increase the memory available to the client workstation.
-
Reboot the client workstation.
Possible Cause:
Other applications running on the server are consuming memory.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Unload any unnecessary applications on the server, then try the operation again.
-
Unload pki.nlm, reload it, and try the operation again.
-
Restart the server.
-1213 0xFFFFFB43 PKI E BUFFER OVERFLOW
Source:
Novell Certificate Server
Explanation:
An internal data buffer overflow occurred.
Possible Cause:
Pki.nlm is not compatible with the version of the Novell Certificate Server snap-in used in ConsoleOne.
Possible Cause:
A certificate with an invalid encoding was sent to the server for storage.
Action:
Check to make sure that the certificate is a valid X.509 certificate encoded in DER or Base64 format.
Possible Cause:
A third-party application using the Novell Certificate Server APIs used an invalid parameter.
Action:
Contact the vendor of the third-party application.
-1214 0xFFFFFB42 PKI E BAD REQUEST SYNTAX
Source:
Novell Certificate Server
Explanation:
An invalid request was made to the client or server.
Possible Cause:
Pki.nlm is not compatible with the version of the Novell Certificate Server snap-in used in ConsoleOne.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
A third-party application using the Novell Certificate Server APIs used an invalid parameter.
Action:
Contact the vendor of the third-party application.
-1215 0xFFFFFB41 PKI E DSIO
Source:
Novell Certificate Server
Explanation:
Not currently used.
Possible Cause:
An old version of the pki.nlm is being used.
-1216 0xFFFFFB40 PKI E CREATE CERTIFICATE OR CSR
Source:
Novell Certificate Server
Explanation:
The certificate or certificate signing request could not be generated.
Possible Cause:
An internal NICI error has occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Retry the operation.
-
Restart the server.
Possible Cause:
Pki.nlm is not compatible with the version of the Novell Certificate Server snap-in used in ConsoleOne.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
A third-party application using the Novell Certificate Server APIs requested a signature algorithm that is not allowed by NICI.
Action:
Contact the vendor of the third-party application.
-1217 0xFFFFFB3F PKI E ALGORITHM NOT SUPPORTED
Source:
Novell Certificate Server
Explanation:
The requested key generation or signature algorithm is not allowed by NICI.
Possible Cause:
Pki.nlm is not compatible with the version of the Novell Certificate Server snap-in used in ConsoleOne.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
A third-party application using the Novell Certificate Server APIs requested a key generation or signature algorithm that is not allowed by NICI.
Action:
Contact the vendor of the third-party application.
-1218 0xFFFFFB3E PKI E UNKNOWN ATTRIBUTE
Source:
Novell Certificate Server
Explanation:
The requested subject name, issuer name, or alternative name contains a name type that is not understood by Novell Certificate Server. Novell Certificate Server supports the following set of name types (the corresponding abbreviation is shown in parenthesis):
Possible Cause:
The user specified a subject name that was not preceded with a period (.).
Action:
Retry the operation specifying a subject name preceded with a period (.).
Possible Cause:
The user specified a subject name with a name type other than those listed above.
Action:
Retry the operation specifying a subject name with only the types listed above.
Possible Cause:
A server certificate was obtained from an external Certificate Authority. Either the Certificate Authority’s certificate or the certificate issued by the Certificate Authority contained a name type other than those listed above.
Action:
Contact the Certificate Authority.
Possible Cause:
A third-party application using the Novell Certificate Server APIs requested a subject or alternative name with a type other than those listed above.
Action:
Contact the vendor of the third-party application.
Possible Cause:
Pki.nlm is not compatible with the version of the Novell Certificate Server snap-in used in ConsoleOne.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1219 0xFFFFFB3D PKI E INVALID NAME
Source:
Novell Certificate Server
Explanation:
A specified name is not valid for the requested operation.
Possible Cause:
The key pair name specified during the creation of a server certificate is not valid. It is not valid because there is another object in the server’s container with the name: <key pair name> - <server name>. This object either is a Server Certificate object that belongs to another server or is not a Server Certificate object at all.
Action:
If the object is a Server Certificate object but does not belong to this server, perform one of the following operations before repeating the operation:
-
Rename the object so that the server name following the " - " in the Server Certificate object’s name is the name of the server that the Server Certificate object belongs to. Most likely, this server has been renamed since the Server Certificate object was created. The name of this server can be found by looking at the General tab of the Server Certificate object in ConsoleOne.
-
Delete the object.
If the object is not a Server Certificate object, choose another key pair name and repeat the operation.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1220 0xFFFFFB3C PKI E INVALID CREATE CA REQUEST
Source:
Novell Certificate Server
Explanation:
Not currently used.
Possible Cause:
An old version of the pki.nlm is being used.
-1221 0xFFFFFB3B PKI E INVALID OBJECT
Source:
Novell Certificate Server
Explanation:
The specified object is not the expected type or does not contain the expected information.
Possible Cause:
eDirectory or NDS is experiencing synchronization delays during the creation of a server certificate.
Action:
If the Server Certificate object that was created has not already been deleted, delete it. Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
Pki.nlm is not compatible with the version of the Novell Certificate Server snap-in used in ConsoleOne.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
A third-party application using the Novell Certificate Server APIs requested to read certificates from an object that is not an Organizational Certificate Authority or a Server Certificate object.
Action:
Contact the vendor of the third-party application.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1222 0xFFFFFB3A PKI E NOT SUPPORTED
Source:
Novell Certificate Server
Explanation:
Novell Certificate Server does not support the requested operation.
Possible Cause:
NetWare Administrator is being used to administer Novell Certificate Server.
Action:
Use ConsoleOne with the latest version of the Novell Certificate Server snap-in.
Possible Cause:
Pki.nlm is not compatible with the version of the Novell Certificate Server snap-in used in ConsoleOne.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
A third-party application using the Novell Certificate Server APIs requested to read certificates from an object that is not an Organizational Certificate Authority or a Server Certificate object.
Action:
Contact the vendor of the third-party application.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1223 0xFFFFFB39 PKI E ADD TRUSTED ROOT
Source:
Novell Certificate Server
Explanation:
Not currently used.
Possible Cause:
An old version of the pki.nlm is being used.
-1224 0xFFFFFB38 PKI E ADD KEYPAIR
Source:
Novell Certificate Server
Explanation:
Not currently used.
Possible Cause:
An old version of the pki.nlm is being used.
-1225 0xFFFFFB37 PKI E ADD CERTIFICATE
Source:
Novell Certificate Server
Explanation:
The User Certificate created was not stored in the User object.
Possible Cause:
eDirectory or NDS is experiencing synchronization delays during the creation of a User Certificate.
Action:
Put a writable replica of the partition that contains the User object on the server that hosts the Organizational Certificate Authority. When creating the User Certificate, select the Organizational Certificate Authority’s server as the server that will generate the key pair.
Possible Cause:
A third-party application using the Novell Certificate Server APIs was unable to store the User Certificate in the User object.
Action:
Contact the vendor of the third-party application.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
An old version of pki.nlm is being used.
-1226 0xFFFFFB36 PKI E EXPECTING CERTIFICATE
Source:
Novell Certificate Server
Explanation:
The user attempted to store a certificate or a certificate chain with an invalid encoding into Server Certificate object.
Possible Cause:
The certificate or certificate chain obtained from the Certificate Authority is invalid.
Action:
Perform the following operations:
-
Contact the Certificate Authority that issued the server certificate to obtain the Certificate Authority’s certificate.
-
Using ConsoleOne, view the Server Certificate object. Click Import.
-
Import the Certificate Authority’s certificate as the trusted root.
-
Import the server’s certificate as the object certificate.
If the problem persists, contact the Certificate Authority.
Possible Cause:
An old version of pki.nlm is being used.
-1227 0xFFFFFB35 PKI E BROKEN CHAIN
Source:
Novell Certificate Server
Explanation:
The certificate chain being stored in a Server Certificate object is invalid.
The certificate being stored in a Server Certificate object cannot be validated using the certificate chain that is being stored in the Server Certificate object or that has already been stored in the Server Certificate object.
The certificate chain stored in a Server Certificate object is invalid or corrupted.
Possible Cause:
The certificate was generated by an external Certificate Authority. When the server certificate was imported, the option to import a trusted root certificate was skipped.
Action:
Perform the following operations:
-
Contact the Certificate Authority that issued the server certificate to obtain the Certificate Authority’s certificate.
-
Using ConsoleOne, view the Server Certificate object. Click Import.
-
Import the Certificate Authority’s certificate as the trusted root.
-
Import the server’s certificate as the object certificate.
Possible Cause:
The certificate was generated by an external Certificate Authority. When the server certificate was imported, the server certificate was imported before the trusted root certificate.
Action:
Perform the following operations:
-
Using ConsoleOne, view the Server Certificate object. Click Import.
-
Import the Certificate Authority’s certificate as the trusted root.
-
Import the server’s certificate as the object certificate.
Possible Cause:
The certificate obtained from the Certificate Authority is invalid.
Action:
Contact the Certificate Authority.
Possible Cause:
An error occurred during the creation of the server certificate.
Action:
Delete the Server Certificate object and retry the operation.
Possible Cause:
The Server Certificate object has been corrupted.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1228 0xFFFFFB34 PKI E INIT ERROR
Source:
Novell Certificate Server
Explanation:
The client could not initialize the required eDirectory or NDS context.
Possible Cause:
Other applications running on the client are consuming memory.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Exit any unnecessary applications on the client and try the operation again.
-
Increase the memory available to the client workstation.
-
Reboot the client workstation.
Possible Cause:
An old version of pki.nlm is being used.
-1229 0xFFFFFB33 PKI E WRONG VERSION
Source:
Novell Certificate Server
Explanation:
An unrecognized version of a NetWare Core Protocol (NCP) has been sent to the server.
Data stored in the User object is not in a recognized format.
Possible Cause:
The versions of pki.nlm on the servers in the tree are not the same.
Possible Cause:
An error occurred during the creation of the User Certificate, or the User object has become corrupted.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Restore the eDirectory or NDS partition that the corrupted User object resides in from backup.
-
Delete all of the certificates in the User object and create new ones.
-
Delete the User object and re-create it.
WARNING:Use care when deleting User Certificates. Deleting a User Certificate also deletes the user’s private key. Without the private key, data encrypted using the public key in the certificate (for example, e-mail) cannot be decrypted.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1230 0xFFFFFB32 PKI E ONLY ONE TREE CA
Source:
Novell Certificate Server
Explanation:
An attempt was made to create an Organizational Certificate Authority when one already exists. Only one Organizational Certificate Authority is permitted in an eDirectory or NDS tree.
Possible Cause:
A third-party application is using the Novell Certificate Server APIs to create an Organizational Certificate Authority when one already exists.
Action:
Contact the vendor of the third-party application.
Possible Cause:
An old version of pki.nlm is being used.
-1231 0xFFFFFB31 PKI E BAD ROOT INDEX
Source:
Novell Certificate Server
Explanation:
The certificate chain stored in a Server Certificate object has been corrupted.
The certificate chain stored in the Organizational Certificate Authority object has been corrupted.
Possible Cause:
An error occurred during the creation of the server certificate.
Action:
Delete the Server Certificate object and retry the operation.
Possible Cause:
The Server Certificate object has been corrupted.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
The Organizational Certificate Authority object has been corrupted.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Restore the eDirectory or NDS partition that the corrupted Organizational Certificate Authority object resides in from backup.
-
Delete the Organizational Certificate Authority object and create a new one.
WARNING:Use care when deleting the Organizational Certificate Authority. After the Organizational Certificate Authority object is deleted, all User and Server Certificates signed by the Certificate Authority will cease to be valid and should be deleted. After the new Organizational Certificate Authority has been created, certificates for users and servers can be re-created as needed.
WARNING:Use care when deleting User Certificates. Deleting a User Certificate also deletes the user’s private key. Without the private key, data encrypted using the public key in the certificate (for example, e-mail) cannot be decrypted.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1232 0xFFFFFB30 PKI E SUBJECT NAME COMPARISON FAILURE
Source:
Novell Certificate Server
Explanation:
The subject name stored in the Server Certificate object is not the same as the subject name within the certificate that is being stored.
The subject name of a certificate in the Organizational Certificate Authority’s certificate chain does not match the expected value.
The subject name of a certificate in the NICI Machine Unique Certificate Authority’s certificate chain does not match the expected value.
Possible Cause:
The external Certificate Authority changed the requested subject name in the issued certificate.
Action:
When requesting a certificate from an external Certificate Authority, you can specify any subject name. However, the Certificate Authority might impose restrictions on the syntax and ordering of the name components in the certificates that it creates. If your Certificate Authority has issued the certificate with subject name that is different than the one that you specified, you should examine the new subject name and determine whether it meets your needs. If so, ignore the error message and continue with the installation of the certificates into the Server Certificate object.
If the new subject name does not meet your needs, you should not accept the certificate. You should contact your Certificate Authority to determine its naming policy. Then delete the previously created Server Certificate object and create a new one specifying a subject name that conforms to the Certificate Authority’s policy.
NOTE:Depending on the Certificate Authority that the original request was sent to, an additional charge could be assessed if the Certificate Authority issues an additional certificate. You should contact your Certificate Authority to determine its policy.
Possible Cause:
The Server Certificate object is corrupted.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
The Organizational Certificate Authority object has been corrupted.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
WARNING:Use care when deleting the Organizational Certificate Authority. After the Organizational Certificate Authority object is deleted, all User and Server Certificates signed by the Certificate Authority will cease to be valid and should be deleted. After the new Organizational Certificate Authority has been created, certificates for user and servers can be re-created as needed.
WARNING:Use care when deleting User Certificates. Deleting a User Certificate also deletes the user’s private key. Without the private key, data encrypted using the public key in the certificate (for example, e-mail) cannot be decrypted.
-1233 0xFFFFFB2F PKI E PUBLIC KEY COMPARISON FAILURE
Source:
Novell Certificate Server
Explanation:
The public key stored in the Server Certificate object is not the same as the public key within the certificate being stored.
Possible Cause:
The certificate is being stored in the wrong Server Certificate object.
Action:
Check the subject name in the certificate and find the Server Certificate object(s) that expect that subject name. Try to import the certificate into those Server Certificate objects until you find the Server Certificate object that the Certificate Signing Request was generated from.
Possible Cause:
The external Certificate Authority inadvertently changed the specified public key before issuing the certificate.
Action:
Contact your Certificate Authority.
Possible Cause:
The Server Certificate object is corrupted.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1234 0xFFFFFB2E PKI E NO RIGHTS
Source:
Novell Certificate Server
Explanation:
The user does not have the appropriate eDirectory or NDS rights to perform the operation.
Possible Cause:
The user has made a request to perform an operation, such as generating a certificate or exporting a private key, for which the user doesn’t have enough eDirectory or NDS rights.
Action:
Check the listing of entry rights required to administer Novell Certificate Server. This listing is in the Novell Certificate Server Administration Guide on the Novell Documentation Web site. Then, either give the user the necessary rights to complete the operation or have an administrator with the appropriate rights perform the operation.
Possible Cause:
A third-party application using the Novell Certificate Server APIs has created an eDirectory or NDS object but has failed to grant the necessary rights to use the object.
Action:
Contact the vendor of the third-party application.
-1235 0xFFFFFB2D PKI TERISA ESTABLISH CONTEXT ERROR
Source:
Novell Certificate Server
Explanation:
The server could not establish a Terisa context.
Possible Cause:
Other applications running on the server are consuming memory.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Unload any unnecessary applications on the server and try the operation again.
-
Unload pki.nlm, reload it, and try the operation again.
-
Restart the server.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1236 0xFFFFFB2C PKI TERISA ADD ROOT ERROR
Source:
Novell Certificate Server
Possible Cause:
The certificate obtained from an external Certificate Authority is invalid.
Action:
Contact the Certificate Authority.
Possible Cause:
Other applications running on the server are consuming memory.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Unload any unnecessary applications on the server and try the operation again.
-
Unload pki.nlm, reload it, and try the operation again.
-
Restart the server.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1237 0xFFFFFB2B PKI TERISA ADD KEYS ERROR
Source:
Novell Certificate Server
Possible Cause:
Other applications running on the server are consuming memory.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Unload any unnecessary applications on the server and try the operation again.
-
Unload pki.nlm, reload it, and try the operation again.
-
Restart the server.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1238 0xFFFFFB2A PKI TERISA ADD CERTIFICATE ERROR
Source:
Novell Certificate Server
Explanation:
The server could not store the specified certificate or certificate chain in the Server Certificate object.
Possible Cause:
The certificate was generated by an external Certificate Authority. The server’s certificate or certificate chain is invalid.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Obtain another copy of the issued certificate from the external Certificate Authority.
-
Obtain another copy of the external Certificate Authority’s certificate.
-
Contact the Certificate Authority.
Possible Cause:
Other applications running on the server are consuming memory.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Unload any unnecessary applications on the server and try the operation again.
-
Unload pki.nlm, reload it, and try the operation again.
-
Restart the server.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1239 0xFFFFFB29 PKI E SYSTEM RESOURCES
Source:
Novell Certificate Server
Explanation:
The server could not allocate the required eDirectory or NDS context or the required NICI context.
Possible Cause:
Other applications running on the server are consuming memory.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Unload any unnecessary applications on the server and try the operation again.
-
Unload pki.nlm, reload it, and try the operation again.
-
Restart the server.
-1240 0xFFFFFB28 PKI E PARSE CERTIFICATE
Source:
Novell Certificate Server
Explanation:
Novell Certificate Server was unable to parse a certificate that has been stored or is being stored.
Possible Cause:
The user attempted to store a certificate or a certificate chain with an invalid encoding into Server Certificate object. The certificate or certificate chain obtained from the Certificate Authority is invalid.
Action:
Perform the following operations:
-
Contact the Certificate Authority that issued the server certificate to obtain the Certificate Authority’s certificate.
-
Using ConsoleOne, view the Server Certificate object. Click Import.
-
Import the Certificate Authority’s certificate as the trusted root.
-
Import the server’s certificate as the object certificate.
If the problem persists, contact the Certificate Authority.
Possible Cause:
Pki.nlm is not compatible with the version of the Novell Certificate Server snap-in used in ConsoleOne.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
The object that the certificate has been stored in is corrupted.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Restore the eDirectory or NDS partition that the corrupted object resides in from backup.
-
If the certificate is in a User object, delete the certificate and create a new one.
-
If the certificate is in a Server Certificate object, delete the Server Certificate object and create a new one.
-
If the certificate is in the Organizational Certificate Authority object, delete the Organizational Certificate Authority object and create a new one.
WARNING:Use care when deleting the Organizational Certificate Authority. After the Organizational Certificate Authority object is deleted, all User and Server Certificates signed by the Certificate Authority will cease to be valid and should be deleted. After the new Organizational Certificate Authority has been created, certificates for user and servers can be re-created as needed.
WARNING:Use care when deleting User Certificates. Deleting a User Certificate also deletes the user’s private key. Without the private key, data encrypted using the public key in the certificate (for example, e-mail) cannot be decrypted.
-1241 0xFFFFFB27 PKI E NO TREE CA
Source:
Novell Certificate Server
Explanation:
An Organizational Certificate Authority does not exist for the eDirectory or NDS tree.
Possible Cause:
A third-party application using the Novell Certificate Server APIs encountered an error because the Organizational Certificate Authority does not exist.
Action:
Contact the vendor of the third-party application.
Possible Cause:
An old version of the pki.nlm is being used.
-1242 0xFFFFFB26 PKI E INVALID NICKNAME
Source:
Novell Certificate Server
Explanation:
A User Certificate with the specified nickname does not exist.
Possible Cause:
The certificate has been created, but eDirectory or NDS has not yet synchronized.
Action:
The partition that the User object resides in must be synchronized to all servers that hold a replica before a newly created certificate can viewed. Normally, synchronization will occur automatically, but it may take some time. If synchronization does not occur within a reasonable timeframe, run dsrepair.nlm on the servers in the replica ring.
Possible Cause:
The certificate with the specified nickname has been deleted or was not created.
Action:
Create a certificate for the user with the specified nickname.
-1243 0xFFFFFB25 PKI E USER ALREADY IN LIST
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1244 0xFFFFFB24 PKI E USER NOT FOUND IN LIST
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1246 0xFFFFFB22 PKI E USER CERT NOT FOUND
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1247 0xFFFFFB21 PKI E INVALID ALGORITHM
Source:
Novell Certificate Server
Explanation:
The cryptographic algorithm necessary for a NICI operation is not supported by Novell Certificate Server.
Possible Cause:
Novell Certificate Server is not compatible with the version of NICI on the server.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1248 0xFFFFFB20 PKI E INVALID OPERATION
Source:
Novell Certificate Server
Explanation:
The requested operation cannot be performed by the Novell Certificate Server.
Possible Cause:
A third-party application using the Novell Certificate Server APIs requested a path length for a certificate that was not less than the path length specified in the Organizational Certificate Authority’s certificate.
Action:
Contact the vendor of the third-party application.
Possible Cause:
Novell Certificate Server is not compatible with the version of NICI on the server.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1249 0xFFFFFB1F PKI E INVALID DIGEST
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1251 0xFFFFFB1D PKI E DATA NOT READY
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1252 0xFFFFFB1C PKI E INVALID KDK ID
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1253 0xFFFFFB1B PKI E INTERNAL ERROR
Source:
Novell Certificate Server
Explanation:
An unexpected internal error has occurred.
Possible Cause:
An internal error occurred.
Action:
Contact the vendor of the third-party application.
Possible Cause:
Novell Certificate Server is not compatible with the version of NICI on the server.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
A third-party application using the Novell Certificate Server APIs made an unexpected request.
Action:
Contact the vendor of the third-party application.
-1254 0xFFFFFB1A PKI E INVALID CERTIFICATE TIME
Source:
Novell Certificate Server
Explanation:
The validity period requested for the certificate is not valid.
The Organizational Certificate Authority is not yet operational.
Possible Cause:
The Organizational Certificate Authority has just been created and, due to differences in Daylight Saving Time, the Certificate Authority does not appear to be operational yet.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
The current time on the client workstation is not correct.
Action:
Reset the time on the client workstation and retry the operation.
Possible Cause:
The current time on the server is not correct or has not been synchronized.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Set or synchronize the time on the server.
-
If the validity period of the Organizational Certificate Authority’s certificate is not appropriate, delete the Organizational Certificate Authority and re-create it.
WARNING:Use care when deleting the Organizational Certificate Authority. After the Organizational Certificate Authority object is deleted, all User and Server Certificates signed by the Certificate Authority will cease to be valid and should be deleted. After the new Organizational Certificate Authority has been created, certificates for user and servers can be re-created as needed.
WARNING:Use care when deleting User Certificates. Deleting a User Certificate also deletes the user’s private key. Without the private key, data encrypted using the public key in the certificate (for example, e-mail) cannot be decrypted.
Possible Cause:
The Organizational Certificate Authority has just been created, but eDirectory or NDS has not fully synchronized. The server that hosts the Organizational Certificate Authority is unable to read the Organizational Certificate Authority object.
Action:
Configure the server such that it holds writable replicas of the partitions that hold its own Server object and the Organizational Certificate Authority object.
Possible Cause:
The current time on the client workstation or on the Organizational Certificate Authority’s server is earlier than the effective date in the Organizational Certificate Authority’s certificate.
Action:
If the time on the client workstation and on the server is correct, wait until the Organizational Certificate Authority’s certificate becomes active before issuing a certificate. If the time on the client workstation or the server is incorrect, set them and retry the operation.
Possible Cause:
A third party application using the Novell Certificate Server APIs requested a validity period for a certificate which began before the Organizational Certificate Authority’s certificate became valid or that ended after the Organizational Certificate Authority’s certificate expired.
Action:
Contact the vendor of the third-party application.
Possible Cause:
A third-party application using the Novell Certificate Server APIs requested a validity period for the Organizational Certificate Authority’s certificate that began before the NICI Machine Unique Certificate Authority’s certificate became valid or that ended after the NICI Machine Unique Certificate Authority’s certificate expired.
Action:
Contact the vendor of the third-party application.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1255 0xFFFFFB19 PKI E EXPIRED CERTIFICATE
Source:
Novell Certificate Server
Explanation:
A certificate is no longer valid because it has expired.
Possible Cause:
The Organizational Certificate Authority’s certificate has expired.
Action:
If the Organizational Certificate Authority’s certificate has expired, delete the Organizational Certificate Authority object and create a new one.
WARNING:Use care when deleting the Organizational Certificate Authority. After the Organizational Certificate Authority object is deleted, all User and Server Certificates signed by the Certificate Authority will cease to be valid and should be deleted. After the new Organizational Certificate Authority has been created, certificates for user and servers can be re-created as needed.
WARNING:Use care when deleting User Certificates. Deleting a User Certificate also deletes the user’s private key. Without the private key, data encrypted using the public key in the certificate (for example, e-mail) cannot be decrypted.
Possible Cause:
The current time on the client workstation is not correct.
Action:
Reset the time on the client workstation and retry the operation.
Possible Cause:
The current time on the server is not correct or has not been synchronized.
Action:
Set or synchronize the time on the server.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1256 0xFFFFFB18 PKI E INVALID SIGNATURE
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1257 0xFFFFFB17 PKI E KDK TABLE FULL
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1258 0xFFFFFB16 PKI E CERT INVALID
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1259 0xFFFFFB15 PKI E CA ALREADY INSTALLED
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1260 0xFFFFFB14 PKI E CA NOT OPERATIONAL
Source:
Novell Certificate Server
Explanation:
The specified server is not a Certificate Authority.
Possible Cause:
The server hosting the Organizational Certificate Authority is unable to read the Organizational Certificate Authority object.
Action:
Configure the server such that it holds writable replicas of the partitions that hold its own Server object and the Organizational Certificate Authority object.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
The Organizational Certificate Authority object has been corrupted.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Restore the eDirectory or NDS partition in that the corrupted Organizational Certificate Authority object resides in from backup.
-
Delete the Organizational Certificate Authority object and recreate it.
WARNING:Use care when deleting the Organizational Certificate Authority. After the Organizational Certificate Authority object is deleted, all User and Server Certificates signed by the Certificate Authority will cease to be valid and should be deleted. After the new Organizational Certificate Authority has been created, certificates for user and servers can be re-created as needed.
WARNING:Use care when deleting User Certificates. Deleting a User Certificate also deletes the user’s private key. Without the private key, data encrypted using the public key in the certificate (for example, e-mail) cannot be decrypted.
-1261 0xFFFFFB13 PKI E KEY FAILURE
Source:
Novell Certificate Server
Explanation:
An error occurred while transporting a user’s private key to the client.
Possible Cause:
A network interruption has occurred while the private key was being downloaded to the client.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1262 0xFFFFFB12 PKI E INVALID KEY ID
Source:
Novell Certificate Server
Explanation:
The specified certificate nickname could not be found.
Possible Cause:
An error occurred during the creation of the User Certificate.
Action:
Delete the key pair and/or certificate stored in the User object under the specified nickname. Repeat the operation.
Possible Cause:
The User object has become corrupted
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-
Restore the eDirectory or NDS partition that the corrupted User object resides in from backup.
-
Delete all of the certificates on the User object and create new ones.
-
Delete the User object and re-create it.
WARNING:Use care when deleting User Certificates. Deleting a User Certificate also deletes the user’s private key. Without the private key, data encrypted using the public key in the certificate (for example, e-mail) cannot be decrypted.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1263 0xFFFFFB11 PKI E ACCESS DENIED
Source:
Novell Certificate Server
Explanation:
The user does not have the appropriate eDirectory or NDS rights to perform the operation.
Possible Cause:
An internal error occurred.
Action:
Complete one or more of the following solutions in the order listed until the error is resolved:
-1264 0xFFFFFB10 PKI E NICI OUT OF SYNC
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1265 0xFFFFFB0F PKI E NO SECURITY CONTAINER
Source:
Novell Certificate Server
Explanation:
The Security container cannot be found.
Possible Cause:
The Security container has been renamed.
Action:
Rename the Security container to “Security”.
Possible Cause:
The Security container has been moved.
Action:
Move the Security container so that its is directly subordinate to [Root].
Possible Cause:
The server that hosts the Organizational Certificate Authority is unable to read the Security container.
Action:
Configure the server that hosts the Organizational Certificate Authority so that it holds a writable replica of the partition that holds the Security container.
-1266 0xFFFFFB0E PKI E NO IP ADDRESSES
Source:
Novell Certificate Server
Explanation:
IP has not been configured for the specified server.
Possible Cause:
IP was not set up or was not configured correctly for the server.
Action:
If an IP address is not desired, no action is necessary. If an IP address is desired, you will need to set it up on the specified server. See the Novell Documentation Web site for information on how to set up and configure IP on a NetWare server.
-1267 FFFFFB0D PKI E NICKNAME IN USE
Source:
Novell Certificate Server
Explanation:
The nickname specified is already being used.
-1268 FFFFFB0C PKI E NOT CONNECTED TO SERVICE
Source:
Novell Certificate Server
Explanation:
The workstation is not connected to a server that can perform the requested operation.
-1269 FFFFFB0B PKI E DUPLICATE
Source:
Novell Certificate Server
Explanation:
Not currently used.
-1270 FFFFFB0A PKI E CRL INVALID
Source:
Novell Certificate Server
Explanation:
The Certificate Revocation List (CRL) is invalid.
-1271 FFFFFB09 PKI E CERT NOT FOUND
Source:
Novell Certificate Server
Explanation:
The specified certificate could not be found.
-1272 FFFFFB08 PKI E INVALID CONTEXT
Source:
Novell Certificate Server
Explanation:
The specified context is not currently valid.