Home
CERT+
Automate certificate lifecycle management including issuance, discovery, renewal, and deployment, across public and private trust CAs. Assess, prioritize, and plan your migration to quantum-safe encryption with the Quantum Trust Hub add-on module.
CERT+ Troubleshooting Guide
Troubleshooting for CAs
Troubleshooting Sectigo CA

CERT+
Automate certificate lifecycle management including issuance, discovery, renewal, and deployment, across public and private trust CAs. Assess, prioritize, and plan your migration to quantum-safe encryption with the Quantum Trust Hub add-on module.
PKI+
Provision, govern and scale private trust certificates with a Post Quantum ready cloud based Enterprise PKI-as-a-Service.
SIGN+
Secure software, firmware, and containers with a comprehensive enterprise code signing solution.
SSH+
Control SSH access and key rotation at scale with an SSH key lifecycle management solution.
KUBE+
Unify DevOps and Security teams by managing certificates with a Kubernetes-native certificate lifecycle management solution.
DDI+
Manage domain registration, renewal, decommissioning, and other security controls with an end-to-end domain lifecycle management solution.
ADC+
Automate and orchestrate application delivery infrastructure at scale with an ADC lifecycle automation platform.
Platform
Manage policy and automation across all of the products and modules in the AVX ONE platform.
AppViewX Setup
Get detailed instructions for setting up AVX ONE in on-premises or SaaS deployments.
Release Artifacts
Review new features, fixes, and security advisories with official AppViewX release documentation.

Troubleshooting Sectigo CA

This section helps you troubleshoot the common problems that you might encounter while using functionalities like setting addition, certificate enrollment, renewal, revocation, discovery, and other actions associated with Sectigo Certificate Authority.

Issues in Sectigo CA Configuration

Table 1. Error messages and resolutions
Error Message	Possible Cause	Possible Solution
Fetch certificate types action has failed Unknown user	Username or password may be invalid	Check and correct the username and password.
Fetch certificate types action has failed Invalid auth data	URI may be invalid	Check and correct the URI. For example: https://cert-manager.com/customer/<customer_uri>/ssl - here URI is customer_uri.
Fetch certificate types action has failed Wrong url specified or the url is not reachable	Base URL may be invalid	Validate and correct the base URL.
Fetch certificate types action has failed Invalid CA settings details	Proxy details could be wrong	Check and correct the proxy details configured in the general settings.
Proxy details is not configured in proxy settings.	Proxy field is enabled in CA settings but proxy details are not configured in proxy settings.	Configure the proxy details in general settings.

Issues in Sectigo CA setting validation

Table 2. Error messages and resolutions
Error Message	Possible Cause	Possible Solution
Unknown User	Username or password may be in valid	Check and correct the username and password.
Invalid auth data	URI may be invalid	Check and correct the URI. For example: https://cert-manager.com/customer/<customer_uri>/ssl - here URI is customer_uri.
Connection failed due to incorrect CA settings details : Wrong url specified or the url is not reachable	Base URL may be invalid	Validate and correct the base URL.
Connection failed due to incorrect CA settings details : Invalid CA settings details	Proxy details could be wrong	Check and correct the proxy details configured in the general settings.
Proxy details is not configured in proxy settings.	Proxy field is enabled in CA settings but proxy details are not configured in proxy settings.	Configure the proxy details in general settings.

Issues in Enrolling Sectigo Certificate

Table 3. Error messages and resolutions
Error Message	Possible Cause	Possible Solution
Unknown User	Username or password may be invalid	Check and correct the username and password in the CA setting.
Invalid auth data	URI may be invalid	Check and correct the URI in the CA setting. For example: https://cert-manager.com/customer/<customer_uri>/ssl - here URI is customer_uri.
Wrong url specified or the url is not reachable	Base URL may be invalid	Validate and correct the base URL in the CA setting.
Invalid CA settings details	Proxy details could be wrong	Check and correct the proxy details configured in the proxy settings.
Proxy details is not configured in proxy settings.	Proxy field is enabled in CA Settings but proxy details are not configured in proxy settings.	Configure the proxy details in proxy settings.
You cannot order certificates for the following or additional domains: testcert.test.net. Please double-check correctness of entered information or navigate to ''Domains'' subtab of ''Settings'' tab to request/activate/delegate them or enable this type of certificate for them in terms of the selected organization.	Domain part of the common name specified in the request is not supported by Certificate Authority	Validate the configured domains or activate the domain in the CA portal, as specified in the error message.
The validity period (term) is invalid for this certificate type.	The validity period (term) is invalid for this certificate type.	Please specify the validity period (term) that is supported by the chosen cert type in the CA connector and resubmit the request.
Certificate Profile does not support Key Type 'EC - brainpoolP160r1'.	EC key type with the specified curve is not supported for the chosen certificate type.	Please specify the key type that is supported by the chosen cert type in the CA connector and resubmit the request.

Issues in Regenerating Sectigo Certificate

Table 4. Error messages and resolutions
Error Message	Possible Cause	Possible Solution
Unknown User	Username or password may be invalid	Check and correct the username and password in the CA setting.
Invalid auth data	URI may be invalid	Check and correct the URI in the CA setting. For example: https://cert-manager.com/customer/<customer_uri>/ssl - here URI is customer_uri.
Wrong url specified or the url is not reachable	Base URL may be invalid	Validate and correct the base URL in the CA setting.
Invalid CA settings details	Proxy details could be wrong	Check and correct the proxy details configured in the proxy settings.
Proxy details is not configured in proxy settings.	Proxy field is enabled in CA Settings but proxy details are not configured in proxy settings.	Configure the proxy details in proxy settings.
You cannot order certificates for the following or additional domains: testcert.test.net. Please double-check correctness of entered information or navigate to ''Domains'' subtab of ''Settings'' tab to request/activate/delegate them or enable this type of certificate for them in terms of the selected organization.	Domain part of the common name specified in the request is not supported by Certificate Authority	Validate the configured domains or activate the domain in the CA portal, as specified in the error message.
The validity period (term) is invalid for this certificate type.	The validity period (term) is invalid for this certificate type.	Please specify the validity period (term) that is supported by the chosen cert type in the CA connector and resubmit the request.
Certificate Profile does not support Key Type 'EC - brainpoolP160r1'.	EC key type with the specified curve is not supported for the chosen certificate type.	Please specify the key type that is supported by the chosen cert type in the CA connector and resubmit the request.

Issues in Renewing Sectigo Certificate

Table 5. Error messages and resolutions
Error Message	Possible Cause	Possible Solution
Unknown User	Username or password may be invalid	Check and correct the username and password in the CA setting.
Invalid auth data	URI may be invalid	Check and correct the URI in the CA setting. For example: https://cert-manager.com/customer/<customer_uri>/ssl - here URI is customer_uri.
Wrong url specified or the url is not reachable	Base URL may be invalid	Validate and correct the base URL in the CA setting.
Invalid CA settings details	Proxy details could be wrong	Check and correct the proxy details configured in the proxy settings.
Proxy details is not configured in proxy settings.	Proxy field is enabled in CA Settings but proxy details are not configured in proxy settings.	Configure the proxy details in proxy settings.
You cannot order certificates for the following or additional domains: testcert.test.net. Please double-check correctness of entered information or navigate to ''Domains'' subtab of ''Settings'' tab to request/activate/delegate them or enable this type of certificate for them in terms of the selected organization.	Domain part of the common name specified in the request is not supported by Certificate Authority	Validate the configured domains or activate the domain in the CA portal, as specified in the error message.
The validity period (term) is invalid for this certificate type.	The validity period (term) is invalid for this certificate type.	Please specify the validity period (term) that is supported by the chosen cert type in the CA connector and resubmit the request.

Issues in Reissuing Sectigo Certificate

Table 6. Error messages and resolutions
Error Message	Possible Cause	Possible Solution
Unknown User	Username or password may be invalid	Check and correct the username and password in the CA setting.
Invalid auth data	URI may be invalid	Check and correct the URI in the CA setting. For example: https://cert-manager.com/customer/<customer_uri>/ssl - here URI is customer_uri.
Wrong url specified or the url is not reachable	Base URL may be invalid	Validate and correct the base URL in the CA setting.
Invalid CA settings details	Proxy details could be wrong	Check and correct the proxy details configured in the proxy settings.
Proxy details is not configured in proxy settings.	Proxy field is enabled in CA Settings but proxy details are not configured in proxy settings.	Configure the proxy details in proxy settings.
You cannot order certificates for the following or additional domains: testcert.test.net. Please double-check correctness of entered information or navigate to ''Domains'' subtab of ''Settings'' tab to request/activate/delegate them or enable this type of certificate for them in terms of the selected organization.	Domain part of the common name specified in the request is not supported by Certificate Authority	Validate the configured domains or activate the domain in the CA portal, as specified in the error message.
The validity period (term) is invalid for this certificate type.	The validity period (term) is invalid for this certificate type.	Please specify the validity period (term) that is supported by the chosen cert type in the CA connector and resubmit the request.
Certificate Profile does not support Key Type 'EC - brainpoolP160r1'.	EC key type with the specified curve is not supported for the chosen certificate type.	Please specify the key type that is supported by the chosen cert type in the CA connector and resubmit the request.

Issues in Revoking Sectigo Certificate

Table 7. Error messages and resolutions
Error Message	Possible Cause	Possible Solution
Unknown User	Username or password may be invalid	Check and correct the username and password in the CA setting.
Invalid auth data	URI may be invalid	Check and correct the URI in the CA setting. For example: https://cert-manager.com/customer/<customer_uri>/ssl - here URI is customer_uri.
Wrong url specified or the url is not reachable	Base URL may be invalid	Validate and correct the base URL in the CA setting.
Invalid CA settings details	Proxy details could be wrong	Check and correct the proxy details configured in the proxy settings.
Proxy details is not configured in proxy settings.	Proxy field is enabled in CA Settings but proxy details are not configured in proxy settings.	Configure the proxy details in proxy settings.

Issues in Discovering Sectigo Certificates

Table 8. Error messages and resolutions
Error Message	Possible Cause	Possible Solution
Unknown User	Username or password may be invalid	Check and correct the username and password in the CA setting.
Invalid auth data	URI may be invalid	Check and correct the URI in the CA setting. For example: https://cert-manager.com/customer/<customer_uri>/ssl - here URI is customer_uri.
Wrong url specified or the url is not reachable	Base URL may be invalid	Validate and correct the base URL in the CA Settings.
Invalid CA settings details	Proxy details could be wrong	Check and correct the proxy details configured in the proxy settings.
Proxy details is not configured in proxy settings.	Proxy field is enabled in CA Settings but proxy details are not configured in proxy settings.	Configure the proxy details in proxy settings.

AppViewX