Current ThreatQ Version Filter
Troubleshooting SSL Client Certificate Authentication
The following is a list of common authentication errors a user may encounter when accessing ThreatQ.
| Error Message | Cause | Resolution |
|---|---|---|
Password Expired
|
An Administrative, Primary Contributor, or Read-Only user attempted to use a password to log in after a CAC / PIV SSL fingerprint was added to the user profile. | From the ThreatQ login page, click the Log in with CAC/PIV Card button to access ThreatQ. |
Certificate Error
|
A user attempted to use an expired CAC / PIV SSL certificate. | Ask a Maintenance or Administrative user to add your new certificate fingerprint to your user profile. |
The fingerprint has already been taken. |
A user attempted to log in using a certificate/fingerprint that is already associated with another user profile. | Contact a Maintenance or Administrative user to determine the root cause of the certificate duplication. |
The following is a list of common authentication errors a user may encounter when configuring SSL Client Certificate Authentication.
| Error Message | Cause | Resolution |
|---|---|---|
Upload a valid RSA certificate to enable. |
An Administrative or Maintenance user tried to move the Disabled/Enabled toggle to Enabled without uploading a CA certificate file. | See the SSL Client Certificate Authentication topic for the steps required to enable SSL Client Certificate Authentication. |
The certificate file is not a valid X.509 certificate. |
An Administrative or Maintenance user tried to upload a certificate file that was not a PEM-encoded, X.509 CA certificate file. | Upload a PEM-encoded, X.509 CA certificate file. |
This certificate is expired. |
An Administrative or Maintenance user tried to upload a certificate file with an expiration prior to the current date. | Upload a certificate file with an expiration date after than the current date. |