IPS Seguridad CA - IPS SERVIDORES
It is expired since Dec 29 23:21:07 2009 GMT.
Let me know if you were able to find it.
Thank you for the quick reply. I have found the CA. Is it strange that the error only started to appear on 4 April since it expired in 2009?
I am getting this error:
[2012-04-23 23:17:29.573 +02:00] [CertificateFilterPlugin] [CannotLoadCRL] Cannot load CRL of CA 'IPS Seguridad CA - IPS SERVIDORES' with digest '24ba6d6c8a5b5837a48db5fae919ea675c94d217' ('error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag').
Unfortunately I cannot edit the list as it is a McAfee maintained/subscribed list (MWG v7.2)
Hmm... I only see successful updates in the log. Can you tell me the time/date of the event in the dashboard? Can you maybe provide an errors.log from data point of time as well?
Yes that´s what I realised yesterday, there is no failed update in the log and neither today but the warning is still displayed.
Yesterday´s warning date is 23-Feb 2012 03:38:03
Which error.log do you need? Where can I find it?
Is there any problem if I delete manually all the expired CAs? I´ve seen several expired CAs
if a CA is expired you can remove it.
The CA update error should be in the mwg-core*.log. If you have SSH access you can simply run
egrep CannotLoadCRL /opt/mwg/log/mwg-errors/mwg-core*
That should give a list of CA load issues.
Thanks Andre, here it is:
[root@HZKWSG-EJ00 ~]# egrep CannotLoadCRL /opt/mwg/log/mwg-errors/mwg-core*
/opt/mwg/log/mwg-errors/mwg-core.errors.log:[2012-02-24 03:37:53.696 +01:00] [CertificateFilterPlugin] [CannotLoadCRL] Cannot load CRL for CA with digest 'd29f6c98befc6d986521543ee8be56cebc288cf3' ('error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag')