CWPKI

CWPKI0001I: The SSL service is initializing the configuration.
CWPKI0002I: SSL service initialization completed successfully.
CWPKI0003I: The SSL service is starting.
CWPKI0004I: The SSL service started successfully.
CWPKI0005I: SSL service initialization did not succeed.
CWPKI0006E: An exception occurred when trying to create or register {0} mBean. Exception: {1}
CWPKI0007I: The SSL service did not start successfully.
CWPKI0008E: An error occurred during SSL initialization. Exception: {0}
CWPKI0009E: The system cannot create the security object during initialization.
CWPKI0010E: The system cannot obtain the WebSphere Application Server process type during initialization.
CWPKI0011E: Resource {0} could not be loaded from the cell. Exception: {1}
CWPKI0012I: FIPS is enabled. The server is running in FIPS mode, using the IBMJCEFIPS provider.
CWPKI0013W: FIPS is enabled, but the IBMJCEFIPS provider is not active in the java.security file. This file needs to be changed to include the IBMJCEFIPS provider in the provider list before the IBMJCE provider.
CWPKI0014I: FFDC Diagnostic Module {0} for the SSL component registered successfully: {1}
CWPKI0015E: An error occurred while stopping the SSL component. Exception: {0}
CWPKI0016W: The certificate with alias {0} from keyStore {1} will be expired in {2} days.
CWPKI0017E: The certificate with alias {1} from keyStore {2} is expired.
CWPKI0018W: The keystore type of {0} is not valid for SSL configuration alias {1}.
CWPKI0019E: An error occurred while parsing the SSL client configuration file {0}. Exception: {1}
CWPKI0020E: An error occurred while loading custom trust manager class {0}. Exception: {1}
CWPKI0021E: An error occurred while loading custom key manager class {0}. Exception: {1}
CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN {0} was sent from the target host. The signer might need to be added to local trust store {1}, located in SSL configuration alias {2}. The extended error message from the SSL handshake exception is: {3}
CWPKI0023E: The {0} certificate alias specified by the attribute clientKeyAlias is either not found in KeyStore {1} or it is invalid.
CWPKI0024E: The {0} certificate alias specified by the attribute serverKeyAlias is either not found in KeyStore {1} or it is invalid.
CWPKI0025E: The system could not load the https Handler class {0}. Extended error message: {1}
CWPKI0026E: An error occurred while reinitializing the SSL configuration after a change to the security.xml file. Extended error message: {0}
CWPKI0027I: Default hostname verification for HTTPS URL connections is being disabled.
CWPKI0028E: SSL handshake protocol {0} is not valid. This protocol is specified in the SSL configuration alias {1} loaded from SSL configuration file {2}. Extended error message: {3}
CWPKI0029E: SSL context provider {0} is not valid. This provider is specified in the SSL configuration alias {1} loaded from SSL configuration file {2}. Extended error message: {3}
CWPKI0030E: An error occurred while exchanging signers between cell and node. Exception: {0}
CWPKI0031E: An error occurred while creating a client keystore or truststore during initialization. Exception: {0}
CWPKI0032E: An error occurred while creating a self-signed certificate. Exception: {0}
CWPKI0033E: The keystore located at {0} did not load because of the following error: {1}
CWPKI0034E: Schedule {0} could not be initialized because of the following error: {1}
CWPKI0035E: Schedule {0} could not read the next scheduled date. The alarm is being initialized for the following date: {1}
CWPKI0036E: An error occurred while sending email to {0} using SMTP server {1}. Exception: {2}
CWPKI0037I: The expiration monitor reports the following information: {0}
CWPKI0038E: The expiration monitor did not start. Error: {0}
CWPKI0039E: Cannot find Node connector properties for the hostname {0} in the hostlist for keystore {1}.
CWPKI0040I: An SSL handshake error occurred from a secure client. The server SSL signer has to be added to the client trust store. A retrieveSigners utility is provided to download signers from the server but requires administrative permission. Arrange with your administrator to have this utility run to setup the secure environment before running the client. Alternatively, you can enable the com.ibm.ssl.enableSignerExchangePrompt in ssl.client.props for "DefaultSSLSettings" to allow acceptance of the signer during the connection attempt.
CWPKI0041W: One or more key stores are using the default password.
CWPKI0042E: An exception occurred while storing a certificate in the issued certificates key store. Exception: {0}
CWPKI0043E: An error occurred while creating a chained certificate. Exception: {0}
CWPKI0044E: A PasswordEncryptException exception was generated during custom encryption. Exception: {1}
CWPKI0045E: A password was received that is encrypted with a custom algorithm that is not currently configured.
CWPKI0046E: The system could not get the HW crypto initialization status: {1}
CWPKI0047E: The system could not get the HW crypto provider instance: {1}
CWPKI0048E: The system could not get the HW crypto provider instance: tokenLib: {1}, tokenSlot: {2}, exception: {3}
CWPKI0049W: UseFIPS is enabled but the SSL configuration is not using a FIPS-approved JSSE Provider. Threfore FIPS-approved cryptographic algorithms will not be used.
CWPKI0050W: The certificate with the {0} alias from the {1} keyStore has no subject alternative name. HostName verification is not enforced for serverIdentity collective controller, replica and member SSL communication.
CWPKI0063W: Hostname verification is disabled for {0}. TLS/SSL connections do not check server identities to verify that the client is communicating with the correct server.
CWPKI0200E: An attempt to generate keys using KeySet {0} occurred when the KeySet is not configured to generate keys. Message: {1}
CWPKI0201E: An error occurred while retrieving key alias {0} from KeySet {1}. Exception: {2}
CWPKI0202E: An error occurred trying to instantiate the key generation class {0} configured in KeySet {1}. Message: {2}
CWPKI0203E: An attempt to import keys to KeySet {0} failed. Exception: {1}
CWPKI0204E: An error occurred during a scheduled key generation for KeySetGroup {0}. Exception: {1}
CWPKI0300I: Use the -listRemoteKeyStoreNames and -listLocalKeyStoreNames options to get a list of names for <remoteKeyStoreName> and <localKeyStoreName> respectively. Usage: retrieveSigners <remoteKeyStoreName> <localKeyStoreName> [options] options: [-profileName <profileName>] [-remoteAlias <aliasFromRemoteStore>] [-localAlias <storeAsAlias>] [-listRemoteKeyStoreNames] [-listLocalKeyStoreNames] [-autoAcceptBootstrapSigner] [-uploadSigners] [-host <host>] [-port <port>] [-conntype <RMI|SOAP>] [-user <user>] [-password <password>] [-trace] [-logfile <filename>] [-replacelog] [-quiet] [-help]
CWPKI0301I: Trace mode is on.
CWPKI0302E: The system cannot write to the trace log file at the following location: {0}
CWPKI0303I: Trace is being logged to the following location: {0}
CWPKI0304E: The <remoteKeyStoreName> specified as {0} was not found on the server.
CWPKI0305E: The <aliasFromRemoteStore> specified as {0} was not found in truststore {1} on the server.
CWPKI0306I: The following remote keystores exist on the specified server: {0}
CWPKI0307I: The following local keystores exist on the client: {0}
CWPKI0308I: The system is adding signer alias {0} to local keystore {1} with the following {3} digest: {2}
CWPKI0309I: All signers from the remote keystore already exist in the local keystore.
CWPKI0310E: The <localKeyStoreName> specified as {0} was not found on the client.
CWPKI0311E: The certificate with subject DN {0} has a start date {1} which is valid after the current date and time. This can happen if the client clock is set earlier than the server clock. Please verify the clocks are in sync between this client and server then retry the request.
CWPKI0312E: The certificate with subject DN {0} has an end date {1} which is no longer valid.
CWPKI0313W: The following option is not valid: {0}
CWPKI0314E: The following error is returned from an exception: {0}
CWPKI0315E: SSL configuration properties are null. There could be a problem parsing the SSL client configuration.
CWPKI0401I: Trace mode is on.
CWPKI0402E: The system cannot write to the trace log file at the following location: {0}
CWPKI0403I: Trace is being logged to the following location: {0}
CWPKI0404W: The following option is not valid: {0}
CWPKI0405E: The following error is returned from an exception: {0}
CWPKI0406E: The PKI client implementation class {0} could not be found.
CWPKI0407E: The PKI client implementation class {0} is not an instance of com.ibm.ws.ssl.WSPKIClient.
CWPKI0408E: Certificate {0} is not a personal certificate.
CWPKI0409E: Certificate alias {0} does not exist in key store {1}.
CWPKI0410E: The local keyStore specified as alias {0} was not found on the client.
CWPKI0411E: A certificate with a public key matching the public key in the certificate from the Certificate Authority (CA) is not found in keystore {0}.
CWPKI0412I: The certificate returned from the Certificate Authority (CA) is null. The certificate request was not processed immediately and must be obtained out-of-band using the queryCertificate command.
CWPKI0413E: Supply {0} value for {1}.
CWPKI0414E: The option {0} is required with a value.
CWPKI0415E: The following error occurred while initializing the Certificate Authority (CA) implementation: {0}
CWPKI0416E: The following error occurred while creating a Certificate Authority (CA) signed certificate: {0}
CWPKI0417E: The following error occurred while revoking a Certificate Authority (CA) signed certificate: {0}
CWPKI0418E: The following error occurred while querying the Certificate Authority (CA) for a signed certificate: {0}
CWPKI0419E: The system was unable to receive the certificate because the keystore specified is read-only.
CWPKI0420E: The certifcate request was processed by the Certificate Authority (CA) but could not be stored in the keystore specified. The certificate will be revoked and a retry of the request is necessary. Check the previous error messages and correct the issues before retrying the certificate request.
CWPKI0421I: A PKCS10 certificate request with alias {0} was successfully created. The request is stored in the following file: {1}
CWPKI0422I: The system is generating a PKCS10 certificate request.
CWPKI0423E: The PKCS10 certifcate request could not be created because of the following error: {0}
CWPKI0424E: Certificate alias {0} already exists in key store {1}.
CWPKI0425E: The subjectDN supplied is incorrect.
CWPKI0426W: The following options were not recognized and will be ignored: {0}
CWPKI0427E: The custom attributes cannot be parsed.
CWPKI0450E: Attribute {0} is missing or of an incorrect type. Correct type is {1}.
CWPKI0451E: The certificate request is null.
CWPKI0452E: The revocation password for this request is null.
CWPKI0453E: The following unexpected exception has occurred: {0}
CWPKI0454E: The system could not create temporary file {0}.
CWPKI0455I: Requesting a Certificate Authority (CA) signed certificate.
CWPKI0456E: An exception occurred when requesting the certificate: {0}
CWPKI0457E: An exception occurred when revoking the certificate: {0}
CWPKI0458E: An exception occurred when querying the certificate: {0}
CWPKI0459E: The certificate chain is null.
CWPKI0460I: Revoking a Certificate Authority (CA) signed certificate.
CWPKI0461I: Action {0} is not supported by this implementation.
CWPKI0462I: A certificate revocation request for certificate alias {0} has been initiated. Reason: {1}
CWPKI0463I: Certificate received and stored in keystore {0} as alias {1}.
CWPKI0800E: An internal error occurred. Exception caught adding IBMJCEFIPS provider. Exception: {0}
CWPKI0801E: Unable to create default SSL configuration. Exception is {0}.
CWPKI0802I: Creating the SSL certificate. This may take a few seconds.
CWPKI0803A: SSL certificate created in {0} seconds. SSL key file: {1}
CWPKI0804E: SSL certificate creation error. {0}
CWPKI0805E: A password is required for the default keystore is missing.
CWPKI0806E: The keystore configuration is incomplete, the location and type must be specified.
CWPKI0807W: The keyStore location {0} could not be found for element with id attribute {1}.
CWPKI0808E: A password of at least 6 characters is required to create the default keystore. The default keystore is not created.
CWPKI0809W: There is a failure loading the {0} keystore. If an SSL configuration references the {1} keystore, then the SSL configuration will fail to initialize.
CWPKI0810I: The {0} keystore is read only and the certificate will not be written to the keystore file. Trust will be accepted only for this connection.
CWPKI0811I: The keystore file {0} has been modified. The keystore file will be reloaded so the updated keystore file can be used.
CWPKI0812E: Error while trying to get the [{0}] key from the [{1}] keystore. Check to make sure the entry is a key and the key password is correct. Exception returned is: [{2}].
CWPKI0813E: Error while trying to initialize the keymanager for the keystore [{0}]. The private key password is not correct or the keystore has multiple private keys with different passwords. This keystore can not be used for SSL. Exception message is: [{1}].
CWPKI0814E: An error while initializing hardware keystore [{0}]. Check the hardware configuration {1} file to be sure the attributes are set correctly. Exception returned from the provider is {2}.
CWPKI0815W: More than one OutboundConnection element specifies the [{0}] host and [{1}] port as a filter. The OutboundConnection element configured on the [{2}] SSL element will be used.
CWPKI0816W: The outboundConnection element with an asterisk (*) as the host and port is set to the [{0}] SSL configuration. This setting is in conflict with the outboundSSLRef attribute setting. The {1} SSL configuration that is specified by the outboundSSLRef attribute is used.
CWPKI0817A: The default SSL configuration expects a <keyStore> element with an id value of {0}, and a password. The {0} <keyStore> element is missing, or the password is not specified. If SSL is not required, this message can be ignored. If SSL is required, either define the missing element: <keyStore id="{0}" password="yourpassword" />, or change the default SSL configuration to use an existing keystore. See the following example: <ssl id="defaultSSLConfig" keyStoreRef="newKeyStore" />.
CWPKI0818E: The default SSL configuration references a <keyStore> element with an id value of {0}, which does not exist in the configuration or whose definition is missing a password. Either define a keystore with id {0} or update the <ssl id="defaultSSLConfig" keyStoreRef="{0}" /> to reference an existing keystore.
CWPKI0819I: The default keystore is not created because a password is not configured on the <keyStore id="defaultKeyStore"/> element, and the 'keystore_password' environment variable is not set.
CWPKI0820A: The default keystore has been created using the 'keystore_password' environment variable.
CWPKI0821I: The {1} default keystore with the {2} keystore type was loaded.
CWPKI0822W: A minimal default keystore configuration has been specified and the keystores key.jks and key.p12 both exist in the default keystore location. The key.jks will be used as the default keystore.
CWPKI0823E: SSL HANDSHAKE FAILURE: A signer with SubjectDN [{0}] was sent from the host [{1}]. The signer might need to be added to local trust store [{2}], located in SSL configuration alias [{3}]. The extended error message from the SSL handshake exception is: [{4}].
CWPKI0824E: SSL HANDSHAKE FAILURE: Host name verification error while connecting to host [{0}]. The host name used to access the server does not match the server certificate''s [{1}]. The extended error message from the SSL handshake exception is: [{2}].
CWPKI0825W: The trustDefaultCerts attribute is enabled but the default truststore failed to initialize. Because the default truststore did not initialize, only the truststore that is configured by the {0} SSL configuration is used. The exception that is returned is: {1}.
CWPKI0826W: The certificate was not retrieved from the {0} environment variable. The certificate was not added to the {1} truststore. The exception that is returned is: {2}.
CWPKI0827I: The {0} SSL configuration uses the default truststore in addition to the configured truststore.
CWPKI0828E: The trustDefaultCerts attribute is enabled but trust was not established by using the default truststore. The extended error message from the SSL handshake exception is: {0}.
CWPKI0829E: SSL certificate update error. {0}
CWPKI0830I: Certificate with the {0} SubjectDN from the {1} environment variable is being added to the {2} keystore.
CWPKI0831E: The {0} SSL/TLS protocol cannot be used. Extended error is: {1}
CWPKI0832E: The {0} SSL/TLS protocol value that is provided cannot be used for configuring a list of SSL protocols values.
CWPKI0833E: The {0} SSL/TLS configuration has an error that prevents creation of the SSL/TLS configuration.
CWPKI0834E: The {0} SSL/TLS configuration cannot be set as the process default SSL configuration due to an error.
CWPKI0835E: An SSL/TLS configuration cannot be created for the inbound connection because a key manager was not created.
CWPKI0836E: An SSL/TLS configuration cannot created because key and trust managers were not created.
CWPKI2001E: The ACME certificate authority at the {0} URI responded that the authorization challenge failed for the {1} domain. The challenge status is {2}. The error is ''{3}''.
CWPKI2002E: The ACME service polling timed out while checking for a successful authorization challenge for the {0} domain from the ACME certificate authority at the {1} URI. The status is {2}. The configured timeout is {3}.
CWPKI2003E: The ACME certificate authority at the {0} URI responded that the certificate order failed for the {1} domains. The order status is {2}. The error is ''{3}''.
CWPKI2004E: The ACME service polling timed out while checking for a successful order for the {0} domain from the ACME certificate authority at the {1} URI. The status is {2}. The configured timeout is {3}.
CWPKI2005E: The authorization returned from the ACME certificate authority at the {0} URI did not include a valid challenge type. Supported challenge types include {1}.
CWPKI2006I: The ACME certificate authority at the {0} URI provided the following terms of service: {1}
CWPKI2007I: The ACME service installed a certificate with the {0} serial number that is signed by the ACME certificate authority at the {1} URI. The expiration date is {2}.
CWPKI2008E: The ACME certificate authority directory URI must be a valid URI. The URI received was null or empty. The URI received was ''{0}''.
CWPKI2009E: The challenge request to the ACME certificate authority at the {0} URI failed. The error is ''{1}''.
CWPKI2010E: The challenge update to the ACME certificate authority at the {0} URI failed. The error is ''{1}''.
CWPKI2011E: The ACME service failed to create the certificate order for the ACME certificate authority at the {0} URI. The error is ''{1}''.
CWPKI2012E: The ACME service failed to sign the certificate signing request for the ACME certificate authority at the {0} URI. The error is ''{1}''.
CWPKI2013E: The certificate signing request was created and signed, but the order request to the ACME certificate authority at the {0} URI failed. The error is ''{1}''.
CWPKI2014E: The certificate signing request for the ACME certificate authority at the {0} URI was created and signed, but encoding the request failed. The error is ''{1}''.
CWPKI2015E: The ACME service certificate order status request from the ACME certificate authority at the {0} URI failed. The error is ''{1}''.
CWPKI2016E: The ACME service request for an existing account from the ACME certificate authority at the {0} URI failed. The error is ''{1}''.
CWPKI2017E: The ACME request for the terms of service from the ACME certificate authority at the {0} URI failed. The error is ''{1}''.
CWPKI2018E: The user account could not be created on the ACME certificate authority at the {0} URI. The error is ''{1}''.
CWPKI2019I: The account URL provided by the ACME certificate authority at the {0} URI is {1}.
CWPKI2020E: The ACME service could not read the domain key file for the ACME certificate authority domain. The file location is {0}. The error is ''{1}''.
CWPKI2021E: The ACME service could not read the account key file for the ACME certificate authority account. The file location is {0}. The error is ''{1}''.
CWPKI2022E: The ACME service could not write to the domain key file for the ACME certificate authority domain. The file location is {0}. The error is ''{1}''.
CWPKI2023E: The ACME service could not write to the account key file for the ACME certificate authority account. The file location is {0}. The error is ''{1}''.
CWPKI2024E: The ACME service failed to revoke the requested certificate for the ACME certificate authority at the {0} URI. The certificate is serial number {1}. The error is ''{2}''. This can occur if the directory URI has changed, and if so, it can be ignored.
CWPKI2025W: The ACME service cannot load the account key pair for the ACME certificate authority at the {0} URI.
CWPKI2026W: The ACME service cannot find the account at the ACME certificate authority at the {0} URI.
CWPKI2027E: The {0} file path for the ACME service is null or empty. The path provided is ''{1}''.
CWPKI2028E: The ACME service could not create a new session to connect to the ACME certificate authority at the {0} URI. The error is ''{1}''.
CWPKI2029E: The ACME service could not access the keystore at the {0} file path to find the {1} alias certificate. The error is ''{2}''.
CWPKI2030E: The ACME service could not install a certificate under the {0} alias into the {1} keystore. The error is ''{2}''.
CWPKI2031E: The {0} certificate subject name in the default certificate with the {1} serial number is an invalid distinguished name. The error is ''{2}''.
CWPKI2032E: The certificate subject alternative names in the default certificate with the {0} serial number could not be parsed. The error is ''{1}''.
CWPKI2033E: The ACME service cannot update the {0} account for the ACME certificate authority at the {1} URI. The error is ''{2}''.
CWPKI2034E: The ACME service could not create a keystore instance. The error is ''{0}''.
CWPKI2035E: The ACME service could not store the signed certificate in the {0} keystore. The error is ''{1}''.
CWPKI2036W: The ACME service timed out waiting for the web authorization application to start. The application is required to complete a certificate request with an ACME certificate authority. The certificate request is attempted. The service waited for {0}.
CWPKI2037E: The domains for the ACME service were either null or empty.
CWPKI2038I: The ACME service revoked the certificate with the {0} serial number. The certificate is no longer valid.
CWPKI2039E: The ''{0}'' distinguished name (DN) defined by subjectDN contains a ''{1}'' cn relative distinguished name (RDN) value that does not match any of the defined domains.
CWPKI2040E: The cn relative distinguished name (RDN) was not the first RDN in the subjectDN configuration attribute.
CWPKI2041E: The ''{0}'' relative distinguished name (RDN) type in the subjectDN configuration attribute is not supported. The following RDN types are supported: cn, o, ou, c, st, l.
CWPKI2042E: The ''{0}'' subjectDN attribute value is not a valid distinguished name. The error is ''{1}''.
CWPKI2043E: The ''{0}'' value is not a valid relative distinguished name (RDN). The error is ''{1}''.
CWPKI2044E: The certificate is not an X.509 certificate. The certificate type is {0}.
CWPKI2045W: The certificate with {0} serial number that is signed by the ACME certificate authority at the {1} URI is not valid until {2}.
CWPKI2046E: The certificate {0} revocation reason is invalid. Supported revocation reasons are: unspecified, key_compromise, ca_compromise, affiliation_changed, superseded, cessation_of_operations, certificate_hold, remove_from_crl, privilege_withdrawn and aa_compromise.
CWPKI2047E: Failed to register the new account key pair with the ACME certificate authority. The error is ''{0}''.
CWPKI2048I: The account key pair renewal is successful. The old account key pair backed up to the {0} file.
CWPKI2049E: The account key pair did not renew or restore to the existing key pair file. Manually replace the {0} account key pair file with the {1} account key pair file.
CWPKI2050E: The existing account key pair file did not back up during the account key pair renewal. The error is ''{0}''.
CWPKI2051W: The renewBeforeExpiration property was set to {0} which is shorter than the minimum renew time. The renewBeforeExpiration property is reset to {1}.
CWPKI2052I: The certificate with {0} serial number expires on {1}. The ACME service will request a new certificate from the ACME certificate authority at the {2} URI.
CWPKI2053W: The certificate with {0} serial number expired on {1}. The ACME service is not configured to automatically request a new certificate.
CWPKI2054W: The renewBeforeExpiration property was set to {0}, which is equal to or longer than the validity period of the certificate with {1} serial number. The validity period of the certificate is {2}. The renewBeforeExpiration property is reset to {3}.
CWPKI2055W: The renewBeforeExpiration property is set to a short amount of time. The ACME service makes frequent requests for a new certificate. The renewBeforeExpiration property is {0}.
CWPKI2056W: The validity period of the certificate with {0} serial number is shorter than the {1} minimum renew time. The validity period of the certification is {2}. The renewBeforeExpiration property is reset to {3}.
CWPKI2057E: Certificate revocation status checking did not create a Java certificate path validation tool to validate the certificate. The error is ''{0}''.
CWPKI2058W: Certificate revocation status checking ignored soft failures. Revocation checking might be incomplete. The failures are: ''{0}''.
CWPKI2059I: Certificate revocation status checking found that the certificate with the {0} serial number is revoked.
CWPKI2060E: The OCSP URL from the certificate with the {0} serial number was not retrieved. The error is: ''{1}''.
CWPKI2061E: The CRL distribution points from the certificate with the {0} serial number were not retrieved. The error is ''{1}''.
CWPKI2062E: The {0} OCSP responder URL defined in the server configuration is not a valid URI. If defined, it must be a valid URI to override the OSCP responder URL contained in the certificate.
CWPKI2063E: The ACME certificate authority at the {0} URI updated its terms of service and now requires the user to agree to the new terms of service at the following URI before it processes any further requests: {1}
CWPKI2064I: The ACME service retrieved the certificate with the {0} serial number from the {1} URI in {2} seconds.
CWPKI2065W: The ACME service failed to automatically renew the certificate with the {0} serial number. The request is scheduled to try again in {1}. The certificate expires on {2}. The renew request error is ''{3}''.
CWPKI2066E: The ACME service failed to automatically renew the certificate with the {0} serial number. The certificate is revoked. The request is scheduled to try again in {1}. The renew request error is ''{2}''.
CWPKI2067I: The certificate with the {0} serial number is revoked. The ACME service requests a new certificate from the ACME certificate authority at the {1} URI.
CWPKI2068W: The ACME service automatic certificate checking failed to check if the certificate with the {0} serial number is expiring or revoked. The check is scheduled to try again in {1}. The error is ''{2}''.
CWPKI2069I: The ACME service automatic certificate checking is disabled. Expiring or revoked certificates are not automatically renewed.
CWPKI2070W: The certCheckerSchedule property was set to {0}, which is shorter than the minimum schedule time. The certCheckerSchedule property is reset to {1}.
CWPKI2071W: The certCheckerErrorSchedule property was set to {0}, which is shorter than the minimum schedule time. The certCheckerErrorSchedule property is reset to {1}.
CWPKI2072W: The ACME service could not read or write the historical ACME file at {0}. The error is ''{1}''.
CWPKI2073W: No account contact was specified. It is recommended to set this property in server configuration. If a key is lost or the account is compromised, access to the account is lost.
CWPKI2074W: The ACME service timed out waiting to be signaled that the HTTP port is open. An available HTTP port is required to complete a certificate request with an ACME certificate authority. The certificate request is attempted. The service waited for {0}.