PKI_1.3.6.1.4.1.2011.6.122.34.0.2.9 hwPKICACertInvalid

Description

PKI/2/PKICACERTINVALID: OID [oid] the CA certificate is invalid. (CACertIssuer=[issuer], CACertSubject=[subject], CACertStartTime=[starttime], CACertFinishTime=[finishtime])

The CA certificate is invalid.

Attribute

Alarm ID Alarm Severity Alarm Type

1.3.6.1.4.1.2011.6.122.34.0.2.9

Major

communicationsAlarm

Parameters

Name Meaning

oid

Indicates the MIB object ID of the alarm.

issuer

Indicates the issuer of the CA certificate.

subject

Indicates the subject of the CA certificate.

starttime

Indicates the time when the CA certificate starts to take effect.

finishtime

Indicates the time when the CA certificate expires.

Impact on the System

After the CA certificate expires, all services bound to the PKI realm cannot establish connections using SSL.

Possible Causes

The CA certificate is invalid.

Procedure

  1. Run the display clock command to check whether the device time is correct.

    If not, run the clock datetime command in the user view to change the device time.

  2. Apply for a new certificate through SCEP or CMPv2 online or apply for a new certificate offline.
Parent Topic: PKI
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >