cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Error Codes in Authentication Logging for X.509 Client-certificate Authentication

Jump to solution

I've gotten X.509 client certificate authentication working (as described here: Using client certficates for authentication on wg 7.2.0.8.0), but the intended target browser is not yet working.  I've been turning on authentication logging and trying to make sense of the codes returned.

The logging line of interest at this point includes the text "Authentication for user \".  So far, I've seen return codes on this line of "0", "100", and "101", where "0" is successful authentication, "100" is certificate not accepted, and "101" is signing cert is marked untrusted--as best as I can tell.

Did I get this right?  Are there other codes of interest?



1 Solution

Accepted Solutions
McAfee Employee aloksard
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: Error Codes in Authentication Logging for X.509 Client-certificate Authentication

Jump to solution

Hi,

Hope you are doing well.

0=>  Authentication was successful

100 =>  CA is not known

101 =>  CA is not trusted

102=>  extended key usage field doesn't include client authentication

103=>  certificate or CA expired

104=>  path length constraint violated

105=>  revoked

106=>  revocation status unknown

 

Regards

Alok Sarda

 

 

 

View solution in original post

1 Reply
McAfee Employee aloksard
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: Error Codes in Authentication Logging for X.509 Client-certificate Authentication

Jump to solution

Hi,

Hope you are doing well.

0=>  Authentication was successful

100 =>  CA is not known

101 =>  CA is not trusted

102=>  extended key usage field doesn't include client authentication

103=>  certificate or CA expired

104=>  path length constraint violated

105=>  revoked

106=>  revocation status unknown

 

Regards

Alok Sarda

 

 

 

View solution in original post

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community