| Operation | Log details |
|---|---|
| TLS session establishment | Oct 9 08:34:45:W: TLS: Successfully TLS connection established for10.24.12.107:60892 |
| TLS session termination (client/server) | Oct 9 08:34:51:W: TLS: TLS Connection terminated successfully for10.24.12.107:60892 |
| Invalid TLS version(after this entry, the TLS Session Termination log is also displayed) Major# represents the hexa- decimal value in the packet for invalid TLS major version | Oct 9 08:34:51:W: TLS: INVALID TLS version Major <Major #> from 10.24.12.107:60892 |
| Invalid TLS cipher (after this entry, the TLS Session Termination log is also displayed) | Oct 9 08:36:23:W:TLS: No Matching Cipher |
| Unsupported TLS version. Minor # represents the hexa decimal value in the packet for TLS minor version | Oct 9 08:45:43:W: TLS: Not enabled TLS version 1.<Minor #> from 10.24.12.107:60892 |
| Decryption Failed | Oct 9 09:02:45:W:TLS Handshake: Decryption Failed for 10.24.12.107:60892 |
| Bad record MAC | Oct 9 08:34:45:W:TLS Handshake: Bad record MAC- invalid padding for 10.24.12.107:60892 |
| Invalid server EKU being used | Oct 9 09:14:08:W:TLS X509v3 Certificate Validation failed: unsupported certificate purpose from 10.24.12.107:60892 |
| Wrong server EKU being used | Oct 9 09:15:15:W:TLS: Wrong Extended Key Usage value for 10.24.12.107:60982 |
| Key exchange message of an invalid type | Oct 9 09:16:25:W:TLS: Key Exchange or signature invalid type for 10.24.12.107:60982 |
| Unexpected message (Finished message sent before the ChangeCipherSpec message) | Oct 9 09:17:15:W:TLS: TLS Handshake: Finished message processing error from 10.24.12.107:60982 |
| Syslog server connected on TLS | May 14 17:09:07 mlxe System: SSL Syslog server 172.16.16.254:6514 is now active Syslog server Operation |
| Syslog server on TLS is disconnected | May 14 17:18:45 mlxe System: SSL Syslog server 172.16.16.254:6514 is
disconnected. Note: This log will
occur every minute if TLS Syslog server is configured on device
but not running remotely i.e, when connection attempt fails
Operation.
|
| TLS Handshake error | Jun 27 23:45:49 mlxe TLS: TLS Connection had received error to terminate from server
172.16.16.254:1492 during handshake Note: This log will
occur every minute if TLS Syslog server is configured on device
but not running remotely i.e, when connection attempt
fails.
|
| TLS Signature algorithm mismatch | Oct 9 08:34:45:W: X509v3 Certificate Validation failed: signature algorithm |
| SAN doesn't exist and CN doesn't match | Oct 9 08:34:45:W: TLS: SAN doesn't exist and CN doesn't match server IP <IP addr>:<port> CN <IP in CN field> |
| SAN exist and doesn't match | Oct 9 08:34:45:W: TLS: SAN available but doesn't match server IP <IP addr>:<port> SAN <IP in SAN field> |
| TLS certificate expired | Oct 9 08:34:45:W: TLS: Certificate validity from <IP addr>:<port> is expired. |
| Import X509v3 root certificate | Oct 9 08:34:45:W: SCP: Download by admin from src IP <remote
IP addr> to ssl trusted certificate. Oct 9 08:34:45:W: SCP: TLS Trusted certificate downloaded successfully to dynamic trusted index <index> |