Why practise I get an Invalid CSR error when submitting an order?

At that place are a number or reasons why a CSR volition exist rejected by our ordering page. Listed below are some of the most common reasons a CSR might be rejected.

  • The common name contained in the CSR is not a Fully Qualified Domain NameClosed A Fully Qualified Domain Name (FQDN), sometimes also referred as an absolute domain name. Case mydomain.com webmail.mydomain.com . Brand sure when you lot generate your CSR it contains the fully qualified domain name of the site that yous are trying to secure (i.e. the domain name that would be displayed in the URL of the site yous are trying to secure such equally www.webnames.ca).
  • If the CSR was generated on an Apache server, an optional claiming password may have been entered. When generating the CSR ensure yous leave the challenge password bare.
  • There are illegal characters in 1 of the fields of the CSR. Make sure the following characters are not in any of the fields in the CSR: < > ~ ! @ # $ % ^ * / \ ( ) ?.,&. Also international characters will usually cause a problem.
  • Unabridged CSR is non entered into the form. Make sure that you include the entire CSR when pasting information technology into the form, this includes everything from the first v dashes before BEGIN NEW Certificate Asking through the final five dashes after Cease NEW CERTIFICATE REQUEST.
  • The CSR bit length does non meet the minimum requirement of 2048 bits. Delight see the subsequent FAQ entry: "Can I submit a 1028 flake or 2048 bit CSR key?"

CSR Validation Error Codes

Code Type Description

  • 1001 Full general System Error
  • 2001 Required Field Missing The render text is of the format:
    • "Required Field Missing: -Please supply required field and resubmit request"
  • 2002 Invalid PartnerCode
  • 2003 Invalid PartnerOrderID An invalid ProductCode volition receive error -2019 (Missing or invalid field: ProductCode)
  • 2006 Invalid field in an guild Invalid field data of some blazon. The ErrorField returned contains the name of the problematic field. This error volition exist returned for fields that exceed the maximum length, instead of -2017, for all legacy Mail service calls and near deprecated API calls.
  • 2007 Mistake getting OrderStatus
  • 2008 Invalid Replay Token
  • 2009 Hallmark Failure
  • 2010 CSR Invalid General CSR error
  • 2011 General ModifyOrder Error PartnerOrderID was not institute due to the order associated with the PartnerOrderID was cancelled.
    • Username did not match whatever records in DB
    • Order type doesn't support corroborate method
  • 2012 Other General error Function not available in production.
    • Unable to cancel completed orders in production.
    • Unable to approve True BusinessID club
    • Unable to approve QSSL orders in production
    • Unable to revoke certificates in production
    • Unable to deactivate society
  • 2013 Other General error ModifyOrderOperation is invalid
  • 2016 Competitive Upgrade failure Can't get Certificate from server
  • 2017 Field has exceeded maximum length. The Error Field returned contains the name of the problematic field. The render text is of the format: The maximum field length has been exceeded.
  • 2018 Wildcard not allowed Wildcard specification is not permit for specified ProductCode
  • 2019 Missing or invalid field Specific reason returned in the error message
  • 2020 CSR cannot be parsed Unable to Parse the CSR
  • 2021 CSR signature invalid Can parse the CSR just the signature is invalid
  • 2022 CSR Land code invalid Land code is not in the list of supported country codes.
  • 2023 CSR contains unsupported extensions Unsupported extension found in the CSR.
  • 2024 CSR Invalid CN – invalid characters Invalid characters were specified in the CN
  • 2025 CSR invalid CN – Appears to exist an IP address
  • 2026 CSR invalid CN – does not contain at least i period
  • 2027 CSR invalid CN – Wildcard non supported For QuickSSL, refuse if it looks like a CSR for a wildcard cert.
  • 2029 Invalid field in CSR
  • 2030 Required field missing in CSR
  • 2031 CSR invalid –N - CN ends with a dot
  • 2032 CSR invalid –N - CN is too short.
  • 2033 CSR invalid - maximum field length exceeded
  • 2034 Error in processing lodge with electric current selection. Valid contract non found The production sku for the value in the is not present in an active contract in your account.
  • 2040 Order already in process for the domain If an order is currently in procedure for a domain, a duplicate gild is rejected. Attempting to reuse a PartnerOrderID will also cause this error.
  • 2042 Incorrect status ID for condition=REQUESTED
  • 2043 Profile has unsupported certificate format
  • 2044 Error encountered approving club
  • 2050 Credit card authority failure Credit card data failed potency
  • 2060 Invalid profile name The supplied Profile Proper noun was not establish
  • 2061 Invalid profile default locale
  • 2062 Invalid EmailLanguageCode
  • 2063 Order Attribute tag not constitute The Order Aspect tag was non found in the contour definition.
  • 2064 Required Gild Attribute tag non found A required Lodge Attribute tag was non specified
  • 2065 Order Attribute missing required tag
  • 2066 Contour does non back up P12 A P12 was specified in the request, just the profile does not support P12.
  • 2067 Profile does not support P7 A P7 was specified in the asking, but the profile does not back up P7.
  • 2068 Invalid TCOrderType TCOrderType value is invalid
  • 2069 Profile not agile The specified contour is not active
  • 2071 Profile proper name required to revoke cert with serial number The profile name was not supplied for a revocation asking by series number.
  • 2072 Cannot locate certificate by PartnerOrderID No certificate match was establish for the specified PartnerOrderID
  • 2073 Cannot locate certificate to revoke A certificate could be located for the specified revocation parameters
  • 2074 Certificate is already revoked The document to be revoked has already been revoked
  • 2075 Error revoking certificate
  • 2076 Revoke non allowed for production code Revocation is not immune for the specified product code for this environment.
  • 2080 Maximum login attempts exceeded Account has been locked out due to excessive client authentication failures. Contact GeoTrust to re-enable user credentials.
  • 2081 Invalid InviteDuration specified
  • 2083 Cannot Locate society by Partner Code The PartnerCode submitted with the asking is invalid either due to information technology does not exist in the system or the order was cancelled.
  • 2084 Reissue Non Bachelor for Order The guild you are trying to practice a reissue for is not eligible for a Reissue request via the API. This will typically occur if there is a cost associated with the reissue (for instance RapidSSL and VeriSign SSL Certificate after information technology has been issued for xxx days)
  • 2085 Unsupported post Response Type The value entered in the ResponseType field in a POST API asking is not valid
  • 2089 Our system has detected that your CSR has a weak public key. For more information, please read the advisory at https://knowledge.geotrust.com/back up/knowledge-base/index?page=content&id=AR1921 CSR submitted contains a weak primal
  • 2091 The requested feature is non supported for this product Unsupported characteristic
  • 2100 ASL - General Error
  • 2101 OriginalPartnerOrderID Midterm upgrade unavailable. Reason: The club is all the same within the cancellation catamenia
  • 2102 Cannot locate OriginalPartnerOrderID BadOrderID ASL - Invalid Original Partner Social club ID. For midterm upgrade: Midterm upgrade unavailable.
    • Reason: The club is in the renewal menstruation
  • 2103 OriginalPartnerOrderID ASL - Invalid SKU For Original Order (ASL ProductCode for ASL Order does not match ProductCode in Original Order). For midterm upgrades: Midterm upgrade unavailable.
    • Reason: The club has already been upgraded
  • 2104 OriginalPartnerOrderID Midterm upgrade unavailable. Reason: The order is an upgrade order
  • 2105 OriginalPartnerOrderID Midterm upgrade unavailable. Reason: The product to upgrade to is not in an agile contract
  • 2106 OriginalPartnerOrderID Midterm upgrade unavailable. Reason: The society has been canceled
  • 2107 OriginalPartnerOrderID Midterm upgrade unavailable. Reason: Upgrade to specified product not allowed
  • 2108 OriginalPartnerOrderID Midterm upgrade unavailable. Reason: The order is not completed
  • 2110 OriginalPartnerOrderID The Mutual Name you specified, does not match the i in the original order
  • 3001 Hallmark Failure This fault is returned when at that place are errors creating a ii manner SSL connection on Mail service calls. In virtually cases it is considering the customer has included a corrupt or "empty" X509 client document.
  • 3005 Insufficient Remaining Reissues Reissue with Bereft Remaining Reissues, includes reissue of FreeSSL or GT Trial, which is not allowed
  • 3010 The common name in the CSR does non match the site's domain name The common name in the CSR does not match the site's domain name
  • 3011 Reissue with SLDN not matching the original order Reissue with SLDN not matching the original lodge
  • 3013 Cannot reissue to a wildcard domain This error is returned when the value in the CN of the new CSR used for a reissue is a wildcard and the value in the original CSR was not.
  • 4001 Parameter Less Than Minimum This fault is returned when a field has a minimum length requirement that hasn't been supplied.
  • 4002 Invalid Scripting Tag Returned when our system detects scripting code in one of the data fields.
  • 4003 Domain Hard Block This error is returned when an society is placed for a domain endemic past ane of our enterprise level customers that has requested all orders be placed through their business relationship.
  • 4004 Domain CDN Hard Cake Similar to Domain Difficult Block mistake.

See also: "Can I submit a 1028 bit or 2048 bit CSR central"

If you lot have checked all of the these problems and you are still not able to submit your CSR please feel costless to contact us at 1-866-221-7878 or by electronic mail at support@webnames.ca