This topic contains error messages that might result due to SSL
initialization problems and provides solutions to help you troubleshoot these
problems.
The following messages display as a result of initialization
problems:
- Message: SSL0100S: GSK could not initialize, <errorCode>
- Reason: Initialization failed when the SSL library returned an unknown
error.
- Solution: None. Report this problem to Service.
- Message: SSL0101S: GSK could not initialize, Neither the password nor
the stash file name was specified. Could not open key file.
- Reason: The stash file for the key database could not be found or is corrupted.
- Solution: Use IKEYMAN to open the key database file and recreate the password
stash file.
- Message: SSL0102E: GSK could not initialize, Could not open key file.
- Reason: The server could not open the key database file.
- Solution: Check that the Keyfile directive is correct and that the file
permissions allow the Web server user ID to access the file.
- Message: SSL0103E: Internal error - GSK could not initialize, Unable
to generate a temporary key pair.
- Reason: GSK could not initialize; Unable to generate a temporary key pair.
- Solution: Report this problem to Service.
- Message: SSL0104E: GSK could not initialize, Invalid password for key
file.
- Reason: The password retrieved from the stash file could not open the
key database file.
- Solution: Use IKEYMAN to open the key database file and recreate the password
stash file. This problem could also result from a corrupted key database file.
Creating a new key database file may resolve the problem.
- Message: SSL0105E: GSK could not initialize, Invalid label.
- Reason: Specified key label is not present in key file.
- Solution: Check that the SSLServerCert directive is correct, if coded,
and that the label is valid for one of the keys in the key database.
- Message: SSL0106E: Initialization error, Internal error - Bad handle
- Reason: An internal error has occurred.
- Solution: Report this problem to Service.
- Message: SSL0107E: Initialization error, The GSK library unloaded.
- Reason: A call to the GSKit function failed because the dynamic link library
unloaded (Windows only).
- Solution: Shut down the server and restart.
- Message: SSL0108E: Initialization error, GSK internal error.
- Reason: The communication between client and the server failed due to
an error in the GSKit library.
- Solution: Retry connection from the client. If the error continues, report
the problem to Service.
- Message: SSL0109E: GSK could not initialize, Internal memory allocation
failure.
- Reason: The server could not allocate memory needed to complete the operation.
- Solution: Take action to free up some additional memory. Try reducing
the number of threads or processes running, or increasing virtual memory.
- Message :SSL0110E: Initialization error, GSK handle is in an invalid
state for operation.
- Reason: The SSL state for the connection is invalid.
- Solution: Retry connection from the client. If the error continues, report
the problem to Service.
- Message: SSL0111E: Initialization error, Key file label not found.
- Reason: Certificate or key label specified was not valid.
- Solution: Verify that the certificate name specified with the SSLServerCert
directive is correct or, if no SSLServerCert directive was coded, that a default
certificate exists in the key database.
- Message: SSL0112E: Initialization error, Certificate is not available.
- Reason: The client did not send a certificate.
- Solution: Set Client Authentication to optional if a client certificate
is not required. Contact the client to determine why it is not sending an
acceptable certificate.
- Message: SSL0113E: Initialization error, Certificate validation error.
- Reason: The received certificate failed one of the validation checks.
- Solution: Use another certificate. Contact Service to determine why the
certificate failed validation.
- Message: SSL0114E: Initialization error, Error processing cryptography.
- Reason: A cryptography error occurred.
- Solution: None. If the problem continues, report it to Service.
- Message: SSL0115E: Initialization error, Error validating ASN fields
in certificate.
- Reason: The server was not able to validate one of the ASN fields in the
certificate.
- Solution: Try another certificate.
- Message: SSL0116E: Initialization error, Error connecting to LDAP server.
- Reason: The Web server failed to connect to the CRL LDAP server.
- Solution: Verify that the values entered for the SSLCRLHostname and SSLCRLPort
directives are correct. If access to the CRL LDAP server requires authentication,
is the SSLCRLUserID directive coded and was the password added to the stash
file pointed to by the SSLStashfile directive.