000022127 - Error: 'req-authorize.xuda: Line 518: [XrcNOTFOUND] unable to locate requested member or object. Unable to sign certificate [unable to locate requested member or object]' when issuing a certificate in Keon Certificate Authority

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022127
Applies ToKeon Certificate Authority 6.5.1
Microsoft Windows 2000 Server SP4
Chrysalis-ITS Luna
SafeNet Luna
IssueError: "req-authorize.xuda: Line 518: [XrcNOTFOUND] unable to locate requested member or object. Unable to sign certificate [unable to locate requested member or object]" when issuing a certificate in Keon Certificate Authority
Certificate request was submitted through Keon Certificate Authority (KCA) Enrollment Server. When attempting to issue a certificate for this request, clicking on the 'Issue Certificate' button generated the following error:

    req-authorize.xuda: Line 518: [XrcNOTFOUND] unable to locate requested member or object. Unable to sign certificate [unable to locate requested member or object]
The CA issuing the above certificate was Luna-based. Other Luna-based CAs on the same KCA installation successfully issued certificates.
CauseThe Luna token being used was missing the private key for just the failing CA. CA keys were cloned to the failing Luna token from another Luna token.
ResolutionThe original Luna token that contained all private keys can be used to issue certificates for all Luna based CAs, including the failing one. The bad Luna token should be cloned again from the good token using Chrysalis-ITS cloning utility.
Legacy Article IDa26952

Attachments

    Outcomes