Solution, Failed to retrieve crls, Symptom – H3C Technologies H3C WX6000 Series Access Controllers User Manual
Page 665: Analysis, No trusted ca is specified, No ra is configured, Retrieve a ca certificate, Regenerate a key pair, Specify a trusted ca, Configure the ra for certificate request
68-18
z
The current key pair has been bound to a certificate.
z
No trusted CA is specified.
z
The URL of the enrollment server for certificate request is not correct or not configured.
z
No RA is configured.
z
Some required parameters of the entity DN are not configured.
Solution
z
Make sure that the network connection is physically proper.
z
Retrieve a CA certificate.
z
Regenerate a key pair.
z
Specify a trusted CA.
z
Use the ping command to check that the RA server is reachable.
z
Configure the RA for certificate request.
z
Configure the required entity DN parameters.
Failed to Retrieve CRLs
Symptom
Failed to retrieve CRLs.
Analysis
Possible reasons include these:
z
The network connection is not proper. For example, the network cable may be damaged or loose.
z
No CA certificate has been retrieved before you try to retrieve CRLs.
z
The IP address of LDAP server is not configured.
z
The URL for CRL distribution is not configured.
z
The LDAP server version is wrong.
Solution
z
Make sure that the network connection is physically proper.
z
Retrieve a CA certificate.
z
Specify the IP address of the LADP server.
z
Specify the URL for CRL distribution.
z
Re-configure the LDAP version.