ACCESS_SESSION_ESTABLISH_FAILURE Audit Event - dogtagpki/pki GitHub Wiki

Overview

The ACCESS_SESSION_ESTABLISH_FAILURE audit event is generated when PKI client failed to establish a secure connection to PKI server.

Properties:

ClientIP: Client’s IP address
ServerIP: Server’s IP address
SubjectID: Client certificate’s subject DN if known
Outcome: Failure
Info: Failure reason
- See SSLAlertDescription.java

Note: In PKI 10.5 this event is renamed to ACCESS_SESSION_ESTABLISH.

Examples

Configure CLI to use a cipher that is disabled on the server:

SSL_CIPHERS="TLS_RSA_WITH_AES_128_CBC_SHA256"
SSL_DEFAULT_CIPHERS="false"

Then execute a CLI command that uses SSL:

$ pki -n caadmin ca-user-find

The operation will fail and the server will generate the following events:

[AuditEvent=ACCESS_SESSION_ESTABLISH_FAILURE][ClientIP=10.34.78.30][ServerIP=10.
34.78.30][SubjectID=][Outcome=Failure][Info=HANDSHAKE_FAILURE] access session es
tablish failure

Tip	To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.

ACCESS_SESSION_ESTABLISH_FAILURE Audit Event - dogtagpki/pki GitHub Wiki

Overview

Examples

⚠️ **GitHub.com Fallback** ⚠️

⚠️ GitHub.com Fallback ⚠️