CERTPROB_DH_GROUP_TOO_SMALL [line 192]
CERTPROB_DH_GROUP_TOO_SMALL = -225
|
|
Diffie-Hellman groups need to be 1024 bit at least, starting with OS X 10.11
CERTPROB_LOW_KEY_LENGTH [line 108]
CERTPROB_LOW_KEY_LENGTH = -220
|
|
one of the keys in the cert chain was smaller than 1024 bits
CERTPROB_MD5_SIGNATURE [line 104]
CERTPROB_MD5_SIGNATURE = -204
|
|
The/a server certificate was signed with an MD5 signature.
CERTPROB_NOT_ACCEPTED [line 180]
CERTPROB_NOT_ACCEPTED = -215
|
|
The server does accept this client certificate
CERTPROB_NOT_A_HOSTNAME [line 156]
CERTPROB_NOT_A_HOSTNAME = -218
|
|
One of the names in the cert was not a hostname.
CERTPROB_NO_BASICCONSTRAINTS [line 164]
CERTPROB_NO_BASICCONSTRAINTS = -211
|
|
The certificate does not set any BasicConstraints; particularly no CA = TRUE|FALSE
CERTPROB_NO_CDP [line 116]
The server certificate did not include a CRL Distribution Point, creating compat problems with Windows Phone 8.
CERTPROB_NO_CDP_HTTP [line 120]
CERTPROB_NO_CDP_HTTP = -207
|
|
The server certificate did a CRL Distribution Point, but not to a HTTP/HTTPS URL. Possible compat problems.
CERTPROB_NO_COMMON_EAP_METHOD [line 188]
CERTPROB_NO_COMMON_EAP_METHOD = -224
|
|
no EAP method could be agreed on, certs could not be extraced
CERTPROB_NO_CRL_AT_CDP_URL [line 124]
CERTPROB_NO_CRL_AT_CDP_URL = -208
|
|
The server certificate's CRL Distribution Point URL couldn't be accessed and/or did not contain a CRL.
CERTPROB_NO_SERVER_CERT [line 100]
CERTPROB_NO_SERVER_CERT = -202
|
|
There was no server certificate in the EAP server's chain.
CERTPROB_NO_TLS_WEBSERVER_OID [line 112]
CERTPROB_NO_TLS_WEBSERVER_OID = -205
|
|
The server certificate did not contain the TLS Web Server OID, creating compat problems with many Windows versions.
CERTPROB_OUTSIDE_VALIDITY_PERIOD [line 132]
CERTPROB_OUTSIDE_VALIDITY_PERIOD = -221
|
|
The received server certificate is revoked.
CERTPROB_OUTSIDE_VALIDITY_PERIOD_WARN [line 136]
CERTPROB_OUTSIDE_VALIDITY_PERIOD_WARN = -225
|
|
At least one certificate is outside its validity period (not yet valid, or already expired)!
CERTPROB_ROOT_INCLUDED [line 92]
CERTPROB_ROOT_INCLUDED = -200
|
|
The root CA certificate was sent by the EAP server.
CERTPROB_SERVER_CERT_REVOKED [line 128]
CERTPROB_SERVER_CERT_REVOKED = -222
|
|
certificate is not currently valid (expired/not yet valid)
CERTPROB_SERVER_NAME_MISMATCH [line 148]
CERTPROB_SERVER_NAME_MISMATCH = -210
|
|
The received server certificate's name did not match the configured name in the profile properties.
CERTPROB_SERVER_NAME_PARTIAL_MATCH [line 152]
CERTPROB_SERVER_NAME_PARTIAL_MATCH = -217
|
|
The received server certificate's name did not match the configured name in the profile properties.
CERTPROB_TOO_MANY_SERVER_CERTS [line 96]
CERTPROB_TOO_MANY_SERVER_CERTS = -201
|
|
There was more than one server certificate in the EAP server's chain.
CERTPROB_TRUST_ROOT_NOT_REACHED [line 140]
CERTPROB_TRUST_ROOT_NOT_REACHED = -209
|
|
At least one certificate is outside its validity period, but this certificate does not take part in servder validation
CERTPROB_TRUST_ROOT_REACHED_ONLY_WITH_OOB_INTERMEDIATES [line 144]
CERTPROB_TRUST_ROOT_REACHED_ONLY_WITH_OOB_INTERMEDIATES = -216
|
|
The received certificate chain did not carry the necessary intermediate CAs in the EAP conversation. Only the CAT Intermediate CA installation can complete the chain.
CERTPROB_UNABLE_TO_GET_CRL [line 184]
CERTPROB_UNABLE_TO_GET_CRL = 223
|
|
the CRL of a certificate could not be found
CERTPROB_UNKNOWN_CA [line 168]
CERTPROB_UNKNOWN_CA = -212
|
|
The server presented a certificate which is from an unknown authority
CERTPROB_WILDCARD_IN_NAME [line 160]
CERTPROB_WILDCARD_IN_NAME = -219
|
|
One of the names contained a wildcard character.
CERTPROB_WRONGLY_ACCEPTED [line 172]
CERTPROB_WRONGLY_ACCEPTED = -213
|
|
The server accepted this client certificate, but should not have
CERTPROB_WRONGLY_NOT_ACCEPTED [line 176]
CERTPROB_WRONGLY_NOT_ACCEPTED = -214
|
|
The server does not accept this client certificate, but should have
RETVAL_CONNECTION_REFUSED [line 76]
RETVAL_CONNECTION_REFUSED = -110
|
|
a RADIUS server refuses connection
RETVAL_CONVERSATION_REJECT [line 72]
RETVAL_CONVERSATION_REJECT = -109
|
|
a RADIUS server talked EAP with us, but didn't like us in the end
RETVAL_IMMEDIATE_REJECT [line 68]
RETVAL_IMMEDIATE_REJECT = -108
|
|
a RADIUS server did not want to talk EAP with us, but at least replied with a Reject
RETVAL_INCOMPLETE_DATA [line 80]
RETVAL_INCOMPLETE_DATA = -111
|
|
not enough data provided to perform an authentication
RETVAL_INVALID [line 44]
test executed, and there were errors
RETVAL_NONAPTR [line 50]
no NAPTRs for domain; this is not an error, simply means that realm is not doing dynamic discovery for any service
RETVAL_NOTCONFIGURED [line 35]
RETVAL_NOTCONFIGURED = -100
|
|
Test could not be run because CAT software isn't configured for it
RETVAL_NOT_CONFIGURED [line 36]
RETVAL_NOT_CONFIGURED = -100
|
|
RETVAL_NO_RESPONSE [line 60]
RETVAL_NO_RESPONSE = -106
|
|
no reply at all from remote RADIUS server
RETVAL_OK [line 31]
Test was executed and the result was as expected.
RETVAL_ONLYUNRELATEDNAPTR [line 54]
RETVAL_ONLYUNRELATEDNAPTR = -105
|
|
no eduroam NAPTR for domain; this is not an error, simply means that realm is not doing dynamic discovery for eduroam
RETVAL_SERVER_UNFINISHED_COMM [line 64]
RETVAL_SERVER_UNFINISHED_COMM = -107
|
|
auth flow stopped somewhere in the middle of a conversation
RETVAL_SKIPPED [line 40]
Test skipped because there was nothing to be done
RETVAL_WRONG_PKCS12_PASSWORD [line 86]
RETVAL_WRONG_PKCS12_PASSWORD = -112
|
|
PKCS12 password does not match the certificate file