crypto command errors

This topic lists errors for the crypto command.

See Common errors for a list of error messages that apply to all commands. See crypto command for information about command syntax and examples of command use.

Table 1. crypto command errors.

The error table is a multi-row, two-column table where each row describes a CMM CLI command error: column one lists the error reported by the command-line interface and column two describes what the error means.

Error message Definition
-cs cannot be changed from tls1.2 to tls1.2srv when -m is set to nist800-131a A user attempts to change the cipher suite to tls1.2srv that is not compatible with the current cipher mode of nist800-131a.

When the CMM is configured for NIST Strict operation (mode is nist800-131aand cipher suite is tls1.2), users can not change to NIST Custom operation (mode is nist800-131a and cipher suite is tls1.2svr).

-cs cannot be set to legacy while -m is set to nist800-131a A user attempts to set -cs to legacy while either -m is set to nist800-131a, or -m is being set to nist800-131a.
-m cannot be set to nist800-131a while -cs is set to legacy A user attempts to set -m to nist800-131a while -cs is set to legacy.
A cryptographic mode change is disallowed at this time. Firmware update is in progress. Try again later. A user attempts to make a cryptographic mode change while the CMM is unable to modify settings.
A cryptographic mode change is disallowed at this time. The standby CMM is in an unknown state, and a reset might result in a failover. A user attempts to make a cryptographic mode change while the CMM is unable to modify settings.
A cryptographic mode change is disallowed at this time. The primary CMM is verifying the code level on the standby CMM. A user attempts to make a cryptographic mode change while the CMM is unable to modify settings.
A cryptographic mode change is disallowed at this time. The standby CMM is flashing. A user attempts to make a cryptographic mode change while the CMM is unable to modify settings.
A cryptographic mode change is disallowed at this time. The primary CMM is initializing. A user attempts to make a cryptographic mode change while the CMM is unable to modify settings.
A cryptographic mode change is disallowed at this time. The standby CMM is in a post-flash initialization state. A user attempts to make a cryptographic mode change while the CMM is unable to modify settings.
Configurations options blocking transition to NIST Strict Other settings prevent the CMM from transitioning to nist800-131a cryptographic mode.
Crypto mode change not permitted. The following nodes require an update to the latest blade firmware: node

where node identifies the compute nodes requiring a firmware update.

A user attempts to change cryptographic settings when compute node firmware requires an update to support the change.
Disabling failover failed. Disabling CMM failover fails while the CMM attempts to restart.
External LDAP certificate for profiles has invalid params Other settings prevent the CMM from transitioning to nist800-131a cryptographic mode.
External LDAP certificate in slot number has invalid params

where number identifies the slot with invalid parameters.

Other settings prevent the CMM from transitioning to nist800-131a cryptographic mode.
FSM User number has non-compliant SNMP properties

where number identifies the user with properties that are not compliant.

Other settings prevent the CMM from transitioning to nist800-131a cryptographic mode.
Restarting CMM failed. The CMM failed to restart.
Restarting the CMM now for changes to -m to take effect. Advisory message indicating that the CMM is restarting.
SSH key key for user user has invalid length

where key identifies the invalid length key and user identifies the user assigned this key.

Other settings prevent the CMM from transitioning to nist800-131a cryptographic mode.
SSL clients cipher suites legacy compatibility Other settings prevent the CMM from transitioning to nist800-131a cryptographic mode.
TLS minimum version change not permitted. The following nodes require an update to the latest blade firmware: node

where node identifies the compute nodes requiring a firmware update.

A user attempts to change cryptographic settings when compute node firmware requires an update to support the change.
User number has non-compliant SNMP properties

where number identifies the user with properties that are not compliant.

Other settings prevent the CMM from transitioning to nist800-131a cryptographic mode.