000025451 - Unable to generate a CRL or revoke a certificate

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025451
Applies ToRSA Keon Certificate Authority 6.5.1
Microsoft Windows 2000
Two-phase logging activated to log success and failure of all operations
IssueUnable to generate a CRL or revoke a certificate
When generating a CRL the following message appears on-screen and in the audit log:

[XrcSECURELOGSERVERNOTREACHABLE: secure logging server is not reachable or out of diskspace]
CauseThe Xudad SSL certificate (/Xudad/ssl/certs/ssl.cert) had expired
The file /Xudad/ssl/certs/cas.cert & /LogServer/ssl/certs/cas.cert contains the old System which has expired.
ResolutionDeactivate two-phase logging and renew the above certificate.

If cas.cert contains an expired System CA certificate, log in to the Admin Console, under CA Operation select the System CA --> View PEM, and replace the content of cas.cert with the active System CA.
Legacy Article IDa33444

Attachments

    Outcomes