PKI Services Manager Return Codes
Reflection PKI Services Manager returns the following codes to the application requesting validation services.
-
Code 0 = No errors, successful validation.
-
Codes 1-10 = Command-line errors, either with winpki or pkid.
-
Codes 11-19 = Network or protocol errors.
-
Codes 21-29 = Validation errors.
-
Codes 31-39 = Mapper errors (certificate is valid but could not be mapped).
-
Codes 41-49 = CRL or other revocation errors
Code | Meaning |
---|---|
0 | No errors. |
1 | General error, unknown cause. |
2 | Syntax error with the command, improper arguments. |
3 | PKI Services Manager is already running. |
4 | Error in the configuration file. |
5 | Timeout occurred while executing the command. |
6 | Network error (for example, cannot connect to PKI Services Manager). |
7 | Access denied, user does not have permission to run the command. |
8 | System error . This is an internal error. Re-run with –d switch to see what happened. |
9 | Migration or initialization failed. See migration error log. |
11 | Unknown command was requested by the calling application. |
12 | An exception was thrown by PKI Services Manager. For more information, see the PKI Services Manager event log. |
13 | Syntax error with the command or packet sent to PKI Services Manager. |
14 | Command was ignored (not currently used, internal error). |
15 | Processing error. The certificate sent to PKI Services Manager is not encoded correctly. |
16 | Command failed (commands are: stop, reload, reconfigure). |
17 | Signature mismatch. Sender did not sign with a matching key. |
18 | Format error. The ASN protocol was not properly formatted |
19 | PKI Services Manager is in FIPS mode and the certificate is not valid in that mode |
21 | Certificate is invalid (expired, not signed, bad key, etc.) |
22 | No path. The issuing certificate could not be located. |
23 | Certificate is revoked. |
24 | No trust anchor. The path did not terminate to a known trust anchor. |
25 | Other validation error. Policy or other constraints failed. |
26 | Path length to the end certificate exceeded the CA path length constraint. |
27 | Certificate policy is invalid or does not match assertions in effect. |
28 | Invalid certificate signature. |
29 | Unknown critical extension was encountered in a certificate or CRL. |
31 | Identity requested did not match allowed identities. |
32 | No identities are allowed for this certificate (no maps exist that match). |
33 | Calling application did not send an identity for matching (client-side error). |
34 | Certificate is valid, but requested WhoAmI processing |
41 | Unknown CRL processing error |
42 | No base for a delta CRL. |
43 | CRL has expired. |
44 | Cannot verify signature or it is bad. |
45 | Unknown CRL extension that is marked critical. |
46 | Mismatch of IDP field in CRL. |
47 | No CRL available. |