certificate.insecure events
Collection of separate PDF docs
Creating your file...
certificate.insecure.hash
- Severity
-
ERROR
- Description
-
This message occurs when an installed certificate uses a hash function that is no longer considered secure. Client-server communication using this certificate should be presumed insecure, and could be disrupted.
- Corrective Action
-
Delete the insecure certificate by using the "security certificate delete" command. Install an appropriate replacement by using the "security certificate install" command or "security certificate create" command.
- Syslog Message
-
A digital certificate with UUID %s in Vserver %s with name %s is using the insecure hash function %s.
- Parameters
-
uuid (STRING): UUID of the offending certificate.
vserver (STRING): Name of the Vserver in which the offending certificate is installed.
cert_name (STRING): Name (unique within a Vserver) of the offending certificate.
hash_function (STRING): Hash function used by the offending certificate.
certificate.insecure.key
- Severity
-
ERROR
- Description
-
This message occurs when an installed certificate uses a key length that is no longer considered secure for the corresponding key algorithm. Client-server communication using this certificate should be presumed insecure, and could be disrupted.
- Corrective Action
-
Delete the insecure certificate by using the "security certificate delete" command. Install an appropriate replacement by using the "security certificate install" command or "security certificate create" command.
- Syslog Message
-
A digital certificate with UUID %s in Vserver %s with name %s has an insecure key of type %s and length %d.
- Parameters
-
uuid (STRING): UUID of the offending certificate.
vserver (STRING): Name of the Vserver in which the offending certificate is installed.
cert_name (STRING): Name (unique within a Vserver) of the offending certificate.
key_algorithm (STRING): Algorithm (e.g., RSA) of the key for the corresponding certificate.
key_length (INT): Length of the key in bits for the corresponding certificate.