This topic contains error messages that might result due to configuration
problems and provides solutions to help you troubleshoot these problems.
The following messages appear due to configuration problems:
- Message: SSL0300E: Unable to allocate terminal node.
- Message: SSL0301E: Unable to allocate string value in node.
- Message: SSL0302E: Unable to allocate non terminal node.
- Message: SSL0303E: Syntax Error in SSLClientAuthGroup directive.
- Message: SSL0304E: Syntax Error in SSLClientAuthRequire directive.
- Message: SSL0307E: Invalid token preceding NOT or !
- Message: SSL0308E: A group is specified in SSLClientAuthRequire but
no groups are specified.
- Message: SSL0309E: The group <group> is specified
in SSLClientAuthRequire is not defined.
- Message: SSL0310I: Access denied to object due to invalid SSL version <version>,
expected <version>.
- Message: SSL0311E: Unable to get cipher in checkBanCipher.
- Message: SSL0312I: Cipher <cipher> is
in ban list and client is forbidden to access object.
- Message: SSL0313E: Fell through to default return in checkCipherBan.
- Message: SSL0314E: Cipher is NULL in checkRequireCipher.
- Message: SSL0315E: Cipher <cipher> used is not
in the list of required ciphers to access this object.
- Message: SSL0316E: Fell through to default return in checkCipherRequire.
- Message: SSL0317E: Unable to allocate memory for fake basic authentication
username.
- Message: SSL0318E: Limit exceeded for specified cipher specs, only
64 total allowed.
- Reason: The number of ciphers configured using the SSLCipherSpec directive
exceeds the maximum allowed of 64.
- Solution: Check for duplicate SSLCipherSpec directives.
- Message: SSL0319E: Cipher Spec <cipher> is not
supported by this GSK library.
- Reason: The cipher is not a valid cipher for use with the installed SSL
libraries.
- Solution: Check that a valid cipher value was entered with the SSLCipherSpec
directive.
- Message: SSL0320I: Using Version 2|3 Cipher: <cipher>.
- Reason: This is an informational message listing the ciphers used for
connections to this virtual host.
- Solution: None.
- Message: SSL0321E: Invalid cipher spec <cipher>.
- Reason: The cipher is not a valid cipher.
- Solution: Check the documentation for a list of valid cipher specs.
- Message: SSL0322E: Cipher Spec <cipher> is not
valid.
- Reason: The cipher is not a valid cipher.
- Solution: Check the documentation for a list of valid cipher specs.
- Message: SSL0323E: Cipher Spec <cipher> has already
been added.
- Reason: A duplicate SSLCipherSpec directive has been encountered.
- Solution: This instance of the directive is ignored and should be removed
from the configuration file.
- Message: SSL0324E: Unable to allocate storage for cipher specs.
- Reason: The server could not allocate memory needed to complete the operation.
- Solution: Take action to free up some additional memory. Try reducing
the number of threads or processes running, or increasing virtual memory.
- Message: SSL0325E: Cipher Spec <cipher> has already
been added to the v2|v3 ban|require list.
- Reason: A duplicate cipher was specified on the SSLCipherBan directive.
- Solution: This instance of the directive is ignored and should be removed
from the configuration file.
- Message: SSL0326E: Invalid cipher spec <cipher> set
for SSLCipherBan|SSLCipherRequire.
- Reason: The cipher is not a valid cipher.
- Solution: Check the documentation for a list of valid cipher specs.
- Message: SSL0327E: Invalid value for sslv2timeout|sslv3timeout, using
default value of nn seconds.
- Reason: The timeout value specified is not in the valid range.
- Solution: Check the documentation for the proper range of values.
- Message: SSL0328W: Invalid argument for SSLClientAuth: <args>.
CRL can not be turned on unless Client Authentication is on.
- Message: SSL0329W: Invalid argument for SSLClientAuth: <args>.
If a second argument is entered it must be CRL. CRL cannot be turned on unless
client authentication is on.
- Message: SSL0330W: Invalid argument for SSLClientAuth: <args>.
If a second value is entered it must be crl.
- Message: SSL0331W: Invalid argument for SSLClientAuth: <args>.
The first value must be 0, 1, 2 none, optional, or required.
- Message: SSL0332E: Not enough arguments specified for SSLClientAuthGroup.
- Message: SSL0333E: No parse tree created for <parm>.
- Reason: An error occurred processing the SSLClientAuthRequire directive.
- Solution: Check for other error messages. Enable tracing of Client Authentication
by adding the directive SSLClientAuthRequireTraceOn to the configuration file.
- Message: SSL0334E: Function ap_make_table failed processing label <certificate>.
- Message: SSL0337E: OCSP is not supported with this level of GSKit
- Reason: OCSP support requires GSKit 7.0.4.14 or higher
- Solution: Upgrade the level of GSKit on the system to 7.0.4.14 or higher