I am running the following version of cURL: curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/18.104.22.168 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 It's worth noting that this is working on two other remote servers which are both SEC_ERROR_BAD_SIGNATURE: Peer's certificate has an invalid signature. Why does Russia need to win Aleppo for the Assad regime before they can withdraw? SEC_ERROR_NO_EMAIL_CERT -8149 Not encrypted or signed: you do not yet have an email certificate. check over here
I haven't found it yet... export policies. SEC_ERROR_REUSED_ISSUER_AND_SERIAL: You are attempting to import a cert with the same issuer/serial as an existing cert, but that is not the same cert. SSL_ERROR_CERTIFICATE_UNOBTAINABLE_ALERT: SSL peer could not obtain your certificate from the supplied URL.
Comment 10 Kamil Dudka 2009-10-07 17:58:51 EDT Elio, that's no problem for me (as developer). Is there a way to make curl more verbose (beside -v or -trace)? In addition to the error codes defined by NSPR, PR_GetError retrieves the error codes described in this chapter.SSL Error Codes SEC Error Codes SSL Error Codes Table 8.1 Error codes defined SEC_ERROR_PKCS12_CERT_COLLISION: Unable to import.
Tell me if I can do something to help you! SEC_ERROR_TOKEN_NOT_LOGGED_IN: The operation failed because the PKCS#11 token is not logged in. SSL_ERROR_ENCRYPTION_FAILURE: Bulk data encryption algorithm failed in selected cipher suite. Nss Error Code 5938 SEC_ERROR_EXTENSION_VALUE_INVALID -8158 Certificate extension value is invalid.
SEC_ERROR_PKCS7_KEYALG_MISMATCH: Cannot decrypt: key encryption algorithm does not match your certificate. Nss Error 5938 SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION: Certificate contains unknown critical extension. Wrong password for key database. As I said, I will help, if I am able to...
PR_WOULD_BLOCK_ERROR: The operation would have blocked. Nss Error 8018 SEC_ERROR_BAD_INFO_ACCESS_METHOD: Unknown information access method in certificate extension. PR_FILE_IS_BUSY_ERROR: The file is busy. SSL_ERROR_SESSION_KEY_GEN_FAILURE: Client failed to generate session keys for SSL session.
SEC_ERROR_KRL_EXPIRED -8133 The KRL for this site's certificate has expired. SSL_ERROR_RX_UNEXPECTED_CERT_REQUEST: SSL received an unexpected Certificate Request handshake message. Nss Error Code 5961 SSL_ERROR_POST_WARNING -12275 (unused) SSL_ERROR_SSL2_DISABLED -12274 "Peer only supports SSL version 2, which is locally disabled." The remote server has asked to use SSL version 2, and SSL version 2 is disabled Nss Error -5938 Curl SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM: Incorrect signature algorithm specified in a digitally-signed element.
more stack exchange communities company blog Stack Exchange Inbox Reputation and Badges sign up log in tour help Tour Start here for a quick overview of the site Help Center Detailed check my blog SSL_ERROR_SIGN_HASHES_FAILURE: Unable to digitally sign data required to verify your certificate. PR_UNLOAD_LIBRARY_ERROR: Failure to unload dynamic library. SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT: SSL peer had some unspecified issue with the certificate it received. Nss Error -5938 (pr_end_of_file_error)
SEC_ERROR_INVALID_TIME: Improperly formatted time string. SEC_ERROR_INVALID_AVA: security library: invalid AVA. It can be due to a server being misconfigured to use a non-RSA certificate with the RSA key exchange algorithm. this content SSL_ConfigServerSessionIDCache SSL_ClearSessionCache S/MIME Based on the S/MIME Reference (which only has one written chapter) and "S/MIME Functions" in NSS Public Functions.
SEC_ERROR_NO_NODELOCK: security library: no nodelock. Nss Error 5978 SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT: SSL peer was unable to get an OCSP response for its certificate. One of them, having it, is a server of an external professional hoster...
This probably indicates a flaw in the remote peer's implementation. SEC_ERROR_PKCS12_DECODING_PFX: Unable to import. Comment 22 Kamil Dudka 2009-10-08 17:45:20 EDT Nope, it was indeed a server's bug which is suppressed by sort of workaround within Firefox/xulrunner. Nss Error -5961 (pr_connect_reset_error) Asking for a written form filled in ALL CAPS Why does every T-800 Terminator sent back look like this?
SEC_ERROR_REVOKED_KEY -8131 The key for this site's certificate has been revoked. At least not here and now, because there are different stones laying in my way. (The server in doubt is the only linux machine I have in access at work and So I have created 3 hosts, and web checks (walkthroughs) for both webapps: Host1: LoadBalancer App: MyApp Scenario: App1 Scenario: App2 Host2: JEE Server1 App: MyApp Scenario: App1 Scenario: App2 Host3: http://kreativexpert.com/nss-error/nss-error-code-20897.html SEC_ERROR_PKCS12_UNABLE_TO_READ: Unable to import.
PR_ALREADY_INITIATED_ERROR: Operation has already been initiated (probably a non-blocking connect). SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM: Unable to import. SEC_ERROR_NO_RECIPIENT_CERTS_QUERY: Not encrypted: you do not have certificates for each of the recipients. PR_DIRECTORY_CORRUPTED_ERROR: The directory object in the file system is corrupted.
SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM: Unable to import. SEC_ERROR_UNSUPPORTED_KEYALG -8144 Unsupported or unknown key algorithm. I have tried forcing cURL to use SSLv3 (using the -3 flag and the -SSLv3 flag) with no success. Comment 21 Wolfram Wagner 2009-10-08 16:04:13 EDT Hello Kamil, It looks good: This is what I did: I downloaded the improved zabbix from koji and upgraded my server.
SSL_ERROR_UNSAFE_NEGOTIATION: Peer attempted old style (potentially vulnerable) handshake. SEC_ERROR_DIGEST_NOT_FOUND: The CMS or PKCS #7 Digest was not found in signed message. The raspberry pi is running the following version: curl 7.26.0 (arm-unknown-linux-gnueabihf) libcurl/7.26.0 OpenSSL/1.0.1e zlib/1.2.7 libidn/1.25 libssh2/1.4.2 librtmp/2.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtmp SEC_ERROR_FILING_KEY: Error refiling the key for this certificate.
Comment 18 Wolfram Wagner 2009-10-08 08:54:50 EDT Created attachment 364110 [details] Zabbix utilization of curllib... SEC_ERROR_OUT_OF_SEARCH_LIMITS: Cert validation search is out of search limits SEC_ERROR_INVALID_POLICY_MAPPING: Policy mapping contains anypolicy SEC_ERROR_POLICY_VALIDATION_FAILED: Cert chain fails policy validation SEC_ERROR_UNKNOWN_AIA_LOCATION_TYPE: Unknown location type in cert AIA extension SEC_ERROR_BAD_HTTP_RESPONSE: Server returned SEC_ERROR_MESSAGE_SEND_ABORTED: Message not sent.