com.ibm.ws.ssl.resources.ssl

CWPKI0001I: The SSL service is initializing the configuration.
CWPKI0002I: SSL service initialization completed successfully.
CWPKI0003I: The SSL service is starting.
CWPKI0004I: The SSL service started successfully.
CWPKI0005I: SSL service initialization did not succeed.
CWPKI0006E: An exception occurred when trying to create or register {0} mBean. Exception: {1}
CWPKI0007I: The SSL service did not start successfully.
CWPKI0008E: An error occurred during SSL initialization. Exception: {0}
CWPKI0009E: The system cannot create the security object during initialization.
CWPKI0010E: The system cannot obtain the WebSphere Application Server process type during initialization.
CWPKI0011E: Resource {0} could not be loaded from the cell. Exception: {1}
CWPKI0012I: FIPS is enabled. The server is running in FIPS mode, using the IBMJCEFIPS provider.
CWPKI0013W: FIPS is enabled, but the IBMJCEFIPS provider is not active in the java.security file. This file needs to be changed to include the IBMJCEFIPS provider in the provider list before the IBMJCE provider.
CWPKI0014I: FFDC Diagnostic Module {0} for the SSL component registered successfully: {1}
CWPKI0015E: An error occurred while stopping the SSL component. Exception: {0}
CWPKI0016W: The certificate with alias {0} from keyStore {1} will be expired in {2} days.
CWPKI0017E: The certificate with alias {1} from keyStore {2} is expired.
CWPKI0018W: The keystore type of {0} is not valid for SSL configuration alias {1}.
CWPKI0019E: An error occurred while parsing the SSL client configuration file {0}. Exception: {1}
CWPKI0020E: An error occurred while loading custom trust manager class {0}. Exception: {1}
CWPKI0021E: An error occurred while loading custom key manager class {0}. Exception: {1}
CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN {0} was sent from the target host. The signer might need to be added to local trust store {1}, located in SSL configuration alias {2}. The extended error message from the SSL handshake exception is: {3}
CWPKI0023E: The certificate alias {0} specified by the property com.ibm.ssl.keyStoreClientAlias is not found in KeyStore {1}.
CWPKI0024E: The certificate alias {0} specified by the property com.ibm.ssl.keyStoreServerAlias is not found in KeyStore {1}.
CWPKI0025E: The system could not load the https Handler class {0}. Extended error message: {1}
CWPKI0026E: An error occurred while reinitializing the SSL configuration after a change to the security.xml file. Extended error message: {0}
CWPKI0027I: Default hostname verification for HTTPS URL connections is being disabled.
CWPKI0028E: SSL handshake protocol {0} is not valid. This protocol is specified in the SSL configuration alias {1} loaded from SSL configuration file {2}. Extended error message: {3}
CWPKI0029E: SSL context provider {0} is not valid. This provider is specified in the SSL configuration alias {1} loaded from SSL configuration file {2}. Extended error message: {3}
CWPKI0030E: An error occurred while exchanging signers between cell and node. Exception: {0}
CWPKI0031E: An error occurred while creating a client keystore or truststore during initialization. Exception: {0}
CWPKI0032E: An error occurred while creating a self-signed certificate. Exception: {0}
CWPKI0033E: The keystore located at {0} did not load because of the following error: {1}
CWPKI0034E: Schedule {0} could not be initialized because of the following error: {1}
CWPKI0035E: Schedule {0} could not read the next scheduled date. The alarm is being initialized for the following date: {1}
CWPKI0036E: An error occurred while sending email to {0} using SMTP server {1}. Exception: {2}
CWPKI0037I: The expiration monitor reports the following information: {0}
CWPKI0038E: The expiration monitor did not start. Error: {0}
CWPKI0039E: Cannot find Node connector properties for the hostname {0} in the hostlist for keystore {1}.
CWPKI0040I: An SSL handshake error occurred from a secure client. The server SSL signer has to be added to the client trust store. A retrieveSigners utility is provided to download signers from the server but requires administrative permission. Arrange with your administrator to have this utility run to setup the secure environment before running the client. Alternatively, you can enable the com.ibm.ssl.enableSignerExchangePrompt in ssl.client.props for "DefaultSSLSettings" to allow acceptance of the signer during the connection attempt.
CWPKI0041W: One or more key stores are using the default password.
CWPKI0042E: An exception occurred while storing a certificate in the issued certificates key store. Exception: {0}
CWPKI0043E: An error occurred while creating a chained certificate. Exception: {0}
CWPKI0044E: A PasswordEncryptException exception was generated during custom encryption. Exception: {1}
CWPKI0045E: A password was received that is encrypted with a custom algorithm that is not currently configured.
CWPKI0046E: The system could not get the HW crypto initialization status: {1}
CWPKI0047E: The system could not get the HW crypto provider instance: {1}
CWPKI0048E: The system could not get the HW crypto provider instance: tokenLib: {1}, tokenSlot: {2}, exception: {3}
CWPKI0049W: UseFIPS is enabled but the SSL configuration is not using a FIPS-approved JSSE Provider. Threfore FIPS-approved cryptographic algorithms will not be used.
CWPKI0200E: An attempt to generate keys using KeySet {0} occurred when the KeySet is not configured to generate keys. Message: {1}
CWPKI0201E: An error occurred while retrieving key alias {0} from KeySet {1}. Exception: {2}
CWPKI0202E: An error occurred trying to instantiate the key generation class {0} configured in KeySet {1}. Message: {2}
CWPKI0203E: An attempt to import keys to KeySet {0} failed. Exception: {1}
CWPKI0204E: An error occurred during a scheduled key generation for KeySetGroup {0}. Exception: {1}
CWPKI0300I: Use the -listRemoteKeyStoreNames and -listLocalKeyStoreNames options to get a list of names for <remoteKeyStoreName> and <localKeyStoreName> respectively. Usage: retrieveSigners <remoteKeyStoreName> <localKeyStoreName> [options] options: [-profileName <profileName>] [-remoteAlias <aliasFromRemoteStore>] [-localAlias <storeAsAlias>] [-listRemoteKeyStoreNames] [-listLocalKeyStoreNames] [-autoAcceptBootstrapSigner] [-uploadSigners] [-host <host>] [-port <port>] [-conntype <RMI|SOAP>] [-user <user>] [-password <password>] [-trace] [-logfile <filename>] [-replacelog] [-quiet] [-help]
CWPKI0301I: Trace mode is on.
CWPKI0302E: The system cannot write to the trace log file at the following location: {0}
CWPKI0303I: Trace is being logged to the following location: {0}
CWPKI0304E: The <remoteKeyStoreName> specified as {0} was not found on the server.
CWPKI0305E: The <aliasFromRemoteStore> specified as {0} was not found in truststore {1} on the server.
CWPKI0306I: The following remote keystores exist on the specified server: {0}
CWPKI0307I: The following local keystores exist on the client: {0}
CWPKI0308I: The system is adding signer alias {0} to local keystore {1} with the following SHA digest: {2}
CWPKI0309I: All signers from the remote keystore already exist in the local keystore.
CWPKI0310E: The <localKeyStoreName> specified as {0} was not found on the client.
CWPKI0311E: The certificate with subject DN {0} has a start date {1} which is valid after the current date and time. This can happen if the client clock is set earlier than the server clock. Please verify the clocks are in sync between this client and server then retry the request.
CWPKI0312E: The certificate with subject DN {0} has an end date {1} which is no longer valid.
CWPKI0313W: The following option is not valid: {0}
CWPKI0314E: The following error is returned from an exception: {0}
CWPKI0315E: SSL configuration properties are null. There could be a problem parsing the SSL client configuration.
CWPKI0401I: Trace mode is on.
CWPKI0402E: The system cannot write to the trace log file at the following location: {0}
CWPKI0403I: Trace is being logged to the following location: {0}
CWPKI0404W: The following option is not valid: {0}
CWPKI0405E: The following error is returned from an exception: {0}
CWPKI0406E: The PKI client implementation class {0} could not be found.
CWPKI0407E: The PKI client implementation class {0} is not an instance of com.ibm.ws.ssl.WSPKIClient.
CWPKI0408E: Certificate {0} is not a personal certificate.
CWPKI0409E: Certificate alias {0} does not exist in key store {1}.
CWPKI0410E: The local keyStore specified as alias {0} was not found on the client.
CWPKI0411E: A certificate with a public key matching the public key in the certificate from the Certificate Authority (CA) is not found in keystore {0}.
CWPKI0412I: The certificate returned from the Certificate Authority (CA) is null. The certificate request was not processed immediately and must be obtained out-of-band using the queryCertificate command.
CWPKI0413E: Supply {0} value for {1}.
CWPKI0414E: The option {0} is required with a value.
CWPKI0415E: The following error occurred while initializing the Certificate Authority (CA) implementation: {0}
CWPKI0416E: The following error occurred while creating a Certificate Authority (CA) signed certificate: {0}
CWPKI0417E: The following error occurred while revoking a Certificate Authority (CA) signed certificate: {0}
CWPKI0418E: The following error occurred while querying the Certificate Authority (CA) for a signed certificate: {0}
CWPKI0419E: The system was unable to receive the certificate because the keystore specified is read-only.
CWPKI0420E: The certifcate request was processed by the Certificate Authority (CA) but could not be stored in the keystore specified. The certificate will be revoked and a retry of the request is necessary. Check the previous error messages and correct the issues before retrying the certificate request.
CWPKI0421I: A PKCS10 certificate request with alias {0} was successfully created. The request is stored in the following file: {1}
CWPKI0422I: The system is generating a PKCS10 certificate request.
CWPKI0423E: The PKCS10 certifcate request could not be created because of the following error: {0}
CWPKI0424E: Certificate alias {0} already exists in key store {1}.
CWPKI0425E: The subjectDN supplied is incorrect.
CWPKI0426W: The following options were not recognized and will be ignored: {0}
CWPKI0427E: The custom attributes cannot be parsed.
CWPKI0450E: Attribute {0} is missing or of an incorrect type. Correct type is {1}.
CWPKI0451E: The certificate request is null.
CWPKI0452E: The revocation password for this request is null.
CWPKI0453E: The following unexpected exception has occurred: {0}
CWPKI0454E: The system could not create temporary file {0}.
CWPKI0455I: Requesting a Certificate Authority (CA) signed certificate.
CWPKI0456E: An exception occurred when requesting the certificate: {0}
CWPKI0457E: An exception occurred when revoking the certificate: {0}
CWPKI0458E: An exception occurred when querying the certificate: {0}
CWPKI0459E: The certificate chain is null.
CWPKI0460I: Revoking a Certificate Authority (CA) signed certificate.
CWPKI0461I: Action {0} is not supported by this implementation.
CWPKI0462I: A certificate revocation request for certificate alias {0} has been initiated. Reason: {1}
CWPKI0463I: Certificate received and stored in keystore {0} as alias {1}.
CWPKI0800E: An internal error occurred. Exception caught adding IBMJCEFIPS provider. Exception: {0}
CWPKI0801E: Unable to create default SSL configuration. Exception is {0}.
CWPKI0802I: Creating the SSL certificate. This may take a few seconds.
CWPKI0803A: SSL certificate created in {0} seconds. SSL key file: {1}
CWPKI0804E: SSL certificate creation error. Unable to create SSL key file: {0}
CWPKI0805E: A password is required for the default keystore is missing.
CWPKI0806E: The keystore configuration is incomplete, the location and type must be specified.
CWPKI0807W: The keyStore location {0} could not be found for element with id attribute {1}.
CWPKI0808E: A password of at least 6 characters is required to create the default keystore. The default keystore is not created.
CWPKI0809W: There is a failure loading the {0} keystore. If an SSL configuration references the {1} keystore, then the SSL configuration will fail to initialize.
CWPKI0810I: The {0} keystore is read only and the certificate will not be written to the keystore file. Trust will be accepted only for this connection.
CWPKI0811I: The keystore file {0} has been modified. The keystore file will be reloaded so the updated keystore file can be used.
CWPKI0812E: Error while trying to get the [{0}] key from the [{1}] keystore. Check to make sure the entry is a key and the key password is correct. Exception returned is: [{2}].
CWPKI0813E: Error while trying to initialize the keymanager for the keystore [{0}]. The private key password is not correct or the keystore has multiple private keys with different passwords. This keystore can not be used for SSL. Exception message is: [{1}].
CWPKI0814E: An error while initializing hardware keystore [{0}]. Check the hardware configuration {1} file to be sure the attributes are set correctly. Exception returned from the provider is {2}.
CWPKI0815W: More than one OutboundConnection element specifies the [{0}] host and [{1}] port as a filter. The OutboundConnection element configured on the [{2}] SSL element will be used.
CWPKI0816W: The outboundConnection element with an asterisk (*) as the host and port is set to the [{0}] SSL configuration. This setting is in conflict with the outboundSSLRef attribute setting. The {1} SSL configuration that is specified by the outboundSSLRef attribute is used.
CWPKI0817A: The default SSL configuration expects a <keyStore> element with an id value of {0}, and a password. The {0} <keyStore> element is missing, or the password is not specified. If SSL is not required, this message can be ignored. If SSL is required, either define the missing element: <keyStore id="{0}" password="yourpassword" />, or change the default SSL configuration to use an existing keystore. See the following example: <ssl id="defaultSSLConfig" keyStoreRef="newKeyStore" />.
CWPKI0818E: The default SSL configuration references a <keyStore> element with an id value of {0}, which does not exist in the configuration or whose definition is missing a password. Either define a keystore with id {0} or update the <ssl id="defaultSSLConfig" keyStoreRef="{0}" /> to reference an existing keystore.