This topic contains error messages that might result due
to configuration problems and provides solutions to help you troubleshoot
these problems.
The following messages appear due to configuration
problems:
- Message: SSL0300E: Unable to allocate terminal node.
- Message: SSL0301E: Unable to allocate string value in node.
- Message: SSL0302E: Unable to allocate non terminal node.
- Message: SSL0303E: Syntax Error in SSLClientAuthGroup directive.
- Message: SSL0304E: Syntax Error in SSLClientAuthRequire directive.
- Message: SSL0307E: Invalid token preceding NOT or !
- Message: SSL0308E: A group is specified in SSLClientAuthRequire
but no groups are specified.
- Message: SSL0309E: The group <group> is
specified in SSLClientAuthRequire is not defined.
- Message: SSL0310I: Access denied to object due to invalid SSL
version <version>, expected <version>.
- Message: SSL0311E: Unable to get cipher in checkBanCipher.
- Message: SSL0312I: Cipher <cipher> is
in ban list and client is forbidden to access object.
- Message: SSL0313E: Fell through to default return in checkCipherBan.
- Message: SSL0314E: Cipher is NULL in checkRequireCipher.
- Message: SSL0315E: Cipher <cipher> used
is not in the list of required ciphers to access this object.
- Message: SSL0316E: Fell through to default return in checkCipherRequire.
- Message: SSL0317E: Unable to allocate memory for fake basic
authentication username.
- Message: SSL0318E: Limit exceeded for specified cipher specs,
only 64 total allowed.
- Reason: The number of ciphers configured using the SSLCipherSpec
directive exceeds the maximum allowed of 64.
- Solution: Check for duplicate SSLCipherSpec directives.
- Message: SSL0319E: Cipher Spec <cipher> is
not supported by this GSK library.
- Reason: The cipher is not a valid cipher for use with the installed
SSL libraries.
- Solution: Check that a valid cipher value was entered with the
SSLCipherSpec directive.
- Message: SSL0320I: Using Version 2|3 Cipher: <cipher>.
- Reason: This is an informational message listing the ciphers used
for connections to this virtual host.
- Solution: None.
- Message: SSL0321E: Invalid cipher spec <cipher>.
- Reason: The cipher is not a valid cipher.
- Solution: Check the documentation for a list of valid cipher specs.
- Message: SSL0322E: Cipher Spec <cipher> is
not valid.
- Reason: The cipher is not a valid cipher.
- Solution: Check the documentation for a list of valid cipher specs.
- Message: SSL0323E: Cipher Spec <cipher> has
already been added.
- Reason: A duplicate SSLCipherSpec directive has been encountered.
- Solution: This instance of the directive is ignored and should
be removed from the configuration file.
- Message: SSL0324E: Unable to allocate storage for cipher specs.
- Reason: The server could not allocate memory needed to complete
the operation.
- Solution: Take action to free up some additional memory. Try reducing
the number of threads or processes running, or increasing virtual
memory.
- Message: SSL0325E: Cipher Spec <cipher> has
already been added to the v2|v3 ban|require list.
- Reason: A duplicate cipher was specified on the SSLCipherBan directive.
- Solution: This instance of the directive is ignored and should
be removed from the configuration file.
- Message: SSL0326E: Invalid cipher spec <cipher> set
for SSLCipherBan|SSLCipherRequire.
- Reason: The cipher is not a valid cipher.
- Solution: Check the documentation for a list of valid cipher specs.
- Message: SSL0327E: Invalid value for sslv2timeout|sslv3timeout,
using default value of nn seconds.
- Reason: The timeout value specified is not in the valid range.
- Solution: Check the documentation for the proper range of values.
- Message: SSL0328W: Invalid argument for SSLClientAuth: <args>.
CRL can not be turned on unless Client Authentication is on.
- Message: SSL0329W: Invalid argument for SSLClientAuth: <args>.
If a second argument is entered it must be CRL. CRL cannot be turned
on unless client authentication is on.
- Message: SSL0330W: Invalid argument for SSLClientAuth: <args>.
If a second value is entered it must be crl.
- Message: SSL0331W: Invalid argument for SSLClientAuth: <args>.
The first value must be 0, 1, 2 none, optional, or required.
- Message: SSL0332E: Not enough arguments specified for SSLClientAuthGroup.
- Message: SSL0333E: No parse tree created for <parm>.
- Reason: An error occurred processing the SSLClientAuthRequire
directive.
- Solution: Check for other error messages. Enable tracing of Client
Authentication by adding the directive SSLClientAuthRequireTraceOn
to the configuration file.
- Message: SSL0334E: Function ap_make_table failed processing
label <certificate>.
- Message: SSL0337E: OCSP is not supported with this level of
GSKit
- Reason: OCSP support requires GSKit 7.0.4.14 or higher
- Solution: Upgrade the level of GSKit on the system to 7.0.4.14
or higher