HP NonStop SSL Reference Manual SSL Reference • 109
Note: If you authenticate the HP NonStop SSL server in your clients, you should consider basing trust on the Root CA
certificate (e.g. check the Root CA fingerprint). In case the server certificate is compromised you can simply replace it
without having to update your client configuration.
TLS Alerts
If a TLS Alert happens on an SSL-encrypted session, the TLS alert number will be logged. The following message is an
example for a log message of this type: a plain Telnet client tried to connect on the encrypted socket, resulting in a TLS
alert "50" (DecodeError).
13:37:18.53|30|TLS Alert: 50
The following table contains the TLS alert numbers for TLS 1.0. For more information about the individual alerts, please
refer to the TLS specification RFC 2246 (available under http://www.ietf.org).
TLS Alert Number TLS Alert name
0 close_notify
10 unexpected_message
20 bad_record_mac
21 decryption_failed
22 record_overflow
30 decompression_failure
40 handshake_failure
42 bad_certificate
43 unsupported_certificate
44 certificate_revoked
45 certificate_expired
46 certificate_unknown
47 illegal_parameter
48 unknown_ca
49 access_denied
50 decode_error
51 decrypt_error,
60 export_restriction
70 protocol_version
71 insufficient_security
80 internal_error
90 user_canceled
100 no_renegotiation
To Next Page
Loading...
Need help?
General