cancel
Showing results for 
Search instead for 
Did you mean: 
danielsch
Level 10

Maintained Certificate List daily certificate chain filter error for http.fpki.gov

Jump to solution

Hello,

since a while we get every day an error message for the McAfee maintained certificate list for the following certifcate authorities:


[2015-08-30 17:16:14.285 +02:00] [Coordinator] [UpdateProcessDownloadFailedBadCode] Failed to download file: 'egov/egovapp.crl', while host: 'http.fpki.gov' sent back HTTP-Code: '404'.   [CHTTPUpdateClient::DownloadFile]


[2015-08-30 17:16:14.623 +02:00] [Coordinator] [UpdateProcessDownloadFailedBadCode] Failed to download file: 'egov/egovapp.crl', while host: 'http.fpki.gov' sent back HTTP-Code: '404'.   [CHTTPUpdateClient::DownloadFile]


[2015-08-30 17:16:14.637 +02:00] [Coordinator] [UpdateProcessDownloadFileFailed] Failed to download file: 'egov/egovapp.crl'.   [CClusterUpdater::DownloadUpdateFiles]


[2015-08-30 17:16:17.844 +02:00] [Coordinator] [UpdateProcessDownloadFailedBadCode] Failed to download file: 'egov/egovcsp2.crl', while host: 'http.fpki.gov' sent back HTTP-Code: '404'.   [CHTTPUpdateClient::DownloadFile]


[2015-08-30 17:16:18.184 +02:00] [Coordinator] [UpdateProcessDownloadFailedBadCode] Failed to download file: 'egov/egovcsp2.crl', while host: 'http.fpki.gov' sent back HTTP-Code: '404'.   [CHTTPUpdateClient::DownloadFile]


[2015-08-30 17:16:18.184 +02:00] [Coordinator] [UpdateProcessDownloadFileFailed] Failed to download file: 'egov/egovcsp2.crl'.   [CClusterUpdater::DownloadUpdateFiles]



I also get the error when I try to download them manuell.

http://http.fpki.gov/egov/egovcsp2.crl

The requested resource is not available.

http://http.fpki.gov/egov/egovapp.crl

The requested resource is not available.

Is there a way to exclude this certificates? I believe we don't need this.

Daniel

0 Kudos
1 Solution

Accepted Solutions
danielsch
Level 10

Re: Maintained Certificate List daily certificate chain filter error for http.fpki.gov

Jump to solution

McAfee updated the list and removed some of the CRLs:

Only the CRLs 'egov/egovapp.crl' and 'egov/egovcsp2.crl' were deleted from the list the server from http.fpki.gov is still alive. So only these two crls are no longer loaded other ones from that server are still loaded.

0 Kudos
3 Replies
danielsch
Level 10

Re: Maintained Certificate List daily certificate chain filter error for http.fpki.gov

Jump to solution

I got more chain erros in the logfile at the cluster standby appliance then on the active member.

Is there a difference? I believe the standby just get the updates pushed.

While the errors still occurs, I rebooted the standby appliance and there are some update statements in the logfile.

Will see what's the next days.

0 Kudos
danielsch
Level 10

Re: Maintained Certificate List daily certificate chain filter error for http.fpki.gov

Jump to solution

Ok, errors still exist.

I will open a support ticket.

0 Kudos
danielsch
Level 10

Re: Maintained Certificate List daily certificate chain filter error for http.fpki.gov

Jump to solution

McAfee updated the list and removed some of the CRLs:

Only the CRLs 'egov/egovapp.crl' and 'egov/egovcsp2.crl' were deleted from the list the server from http.fpki.gov is still alive. So only these two crls are no longer loaded other ones from that server are still loaded.

0 Kudos