-1254 FFFFFB1A PKI E INVALID CERTIFICATE TIME

Source

NetIQ® Certificate Server

Explanation

The validity period requested for the certificate is not valid.

he Organizational Certificate Authority is not yet operational.

Possible Cause

The Organizational Certificate Authority has just been created and, due to differences in Daylight Saving Time, the Certificate Authority does not appear to be operational yet.

Action

Complete one or more of the following solutions in the order listed until the error is resolved:

Possible Cause

The current time on the client workstation is not correct.

Action

Reset the time on the client workstation and retry the operation.

Possible Cause

The current time on the server is not correct or has not been synchronized.

Action

Complete one or more of the following solutions in the order listed until the error is resolved:

WARNING: Use care when deleting the Organizational Certificate Authority. After the Organizational Certificate Authority object is deleted, all User and Server Certificates signed by the Certificate Authority will cease to be valid and should be deleted. After the new Organizational Certificate Authority has been created, certificates for user and servers can be re-created as needed.

WARNING: Use care when deleting User Certificates. Deleting a User Certificate also deletes the user's private key. Without the private key, data encrypted using the public key in the certificate (for example, e-mail) cannot be decrypted.

Possible Cause

The Organizational Certificate Authority has just been created, but NetIQ* eDirectory™ has not fully synchronized. The server that hosts the Organizational Certificate Authority is unable to read the Organizational Certificate Authority object.

Action

Configure the server such that it holds writable replicas of the partitions that hold its own Server object and the Organizational Certificate Authority object.

Possible Cause

The current time on the client workstation or on the Organizational Certificate Authority's server is earlier than the effective date in the Organizational Certificate Authority's certificate.

Action

If the time on the client workstation and on the server is correct, wait until the Organizational Certificate Authority's certificate becomes active before issuing a certificate. If the time on the client workstation or the server is incorrect, set them and retry the operation.

Possible Cause

A third party application using the NetIQ Certificate Server APIs requested a validity period for a certificate which began before the Organizational Certificate Authority's certificate became valid or that ended after the Organizational Certificate Authority's certificate expired.

Action

Contact the vendor of the third-party application.

Possible Cause

A third-party application using the NetIQ Certificate Server APIs requested a validity period for the Organizational Certificate Authority's certificate that began before the NetIQ* International Cryptographic Infrastructure (NICI) Machine Unique Certificate Authority's certificate became valid or that ended after the NICI Machine Unique Certificate Authority's certificate expired.

Action

Contact the vendor of the third-party application.

Possible Cause

An internal error occurred.

Action

Complete one or more of the following solutions in the order listed until the error is resolved:

A trademark symbol (®, TM, etc.) denotes a NetIQ trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.