FCU error codes and validation notices
This page lists the error codes you might encounter in FCU.
Some errors might include notices about validation errors.
Error codes
| Error code | Message |
|---|---|
| 100 | General error: <ERROR_TYPE> |
| 101 | Device <serial number/endpoint name> is mandatory. |
| 102 | Failed to get <DTLS_KEY_NAME> DTLS private key. |
| 103 | Failed to get <DTLS_KEY_NAME> DTLS certificate. |
| 104 | Failed to get <DTLS_KEY_NAME> DTLS private key and certificate. |
| 105 | Failed to get Entropy. |
| 106 | Bad type FCU argument <INPUT_ARG>. |
| 110 | Device protocol <PROTOCOL_VERSION> does not match tool protocol <PROTOCOL_VERSION>. |
| 111 | The device-certificate-chain-depth configuration is greater than the actual chain length for <CERTIFICATE_CHAIN_NAME>. |
| 112 | The device-certificate-chain-depth configuration is not defined for certificate chain <CERTIFICATE_CHAIN_NAME>. |
| 180 | Device response does not contain <FIELD_NAME> field. |
| 190 | Error loading configuration file: <FILE_NAME>. |
| 195 | Configuration file: <FILE_NAME> not found |
| 197 | There is no permission to open file: <FILE_NAME>. |
| 198 | 'File <FILE_NAME>defined in environment variable <ENV_NAME> does not exist. |
| 199 | 'File <FILE_NAME> not found in application home path <PATH>. Home path can be set using environment variable FCU_HOME_DIR. |
| 200 | Invalid configuration file <FILE_NAME>. File should be in Yml format. |
| 201 | Invalid configuration file <FILE_NAME>. Invalid attributes were found. |
| 210 | CA certificate file <FILE_NAME> not found. Please run setup and try again. |
| 211 | Failed to load CA certificate file <FILE_NAME> file may be corrupted or in wrong format. Please run setup and try again. |
| 212 | CA certificate file not found. Please sign the CSR file <CSR_FILE_NAME>, and save the created certificate as <CERTIFICATE_FILE_NAME>. Please note the certificate must be uploaded to the portal. |
| 220 | CA key file <FILE_NAME> not found. Please run setup and try again. |
| 221 | Failed to load CA private key file <FILE_NAME> file may be corrupted or in wrong format. Please run setup and try again. |
| 222 | CA certificate <FILE_NAME> does not match CA private key does not match CA private key <FILE_NAME>. Please run setup and try again. |
| 223 | CA certificate <FILE_NAME> is not allowed to sign additional certificates. |
| 224 | CA certificate <FILE_NAME> public key curve is not elliptic curve secp256r1. |
| 225 | CA certificate <FILE_NAME> signature algorithm is not SHA256. |
| 226 | CA certificate <FILE_NAME> subject field should not be empty. |
| 230 | Invalid signature for certificate signing request. |
| 240 | Failed to load private key from file <FILE_NAME>. |
| 245 | Failed to load certificate from file <FILE_NAME>. |
| 246 | Ambiguous certificate file: Both <FILE_NAME> and <FILE_NAME> exist. |
| 247 | Ambiguous private key file: Both <FILE_NAME> and <FILE_NAME> exist. |
| 250 | Failed to create private key for <DTLS_KEY_NAME>. |
| 260 | Failed to create certificate signing request for <DTLS_KEY_NAME>. |
| 270 | Failed to create certificate for <DTLS_KEY_NAME>. |
| 273 | Failed to create certificate for <DTLS_KEY_NAME>; validity period cannot exceed FCU CA certificate expiration. |
| 290 | File <FILE_NAME> already exists. |
| 300 | Failed to load entropy from file <FILE_NAME>. |
| 320 | Failed to create certificate. |
| 330 | Failed to create private key. |
| 340 | Failed to generate proof of possession. |
| 350 | Setup requires a valid account id. |
| 360 | Could not load file: <FILE_NAME> specified in the configuration file property <FILE_PROPERTY> |
| 380 | Validation error in field: <FILE_NAME>. Message: <VALIDATION_MESSAGE>. |
| 390 | <FILE_NAME> is not an X.509 certificate or not formatted in PEM or DER. |
| 391 | <FILE_NAME> is not a valid public key or not formatted in PEM or DER. |
| 400 | Validation error in FCU configuration file. |
| 410 | Validation error in CA certificate. |
| 420 | Operation <operation name> is not supported. |
| 430 | <field name> is mandatory. |
| 440 | Failed to parse device response. |
| 450 | CSR is invalid or not in DER format. |
| 460 | CSR name {} not found in custom-properties. |
| 461 | The following {} are in custom-properties but not received from device. |
FCU validation notices
| Error code | Message |
|---|---|
| 100 | Validation general notice in field: <FIELD_NAME> |
| 101 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Must not exist with Use-Bootstrap: True |
| 102 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Must not exist with Use-Bootstrap: False |
| 103 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Must not exist with Time-Sync: False |
| 104 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid value. Actual value: <VALUE>> |
| 105 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Missing recommended field. |
| 106 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Cannot use First-To-Claim with Use-Bootstrap: False |
| 107 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid URL- should contain account ID and have 'coap://' or 'coaps://' scheme. Actual value: <VALUE> |
| 108 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid URL- should not contain account ID and have 'coap://' or 'coaps://' scheme. Actual value: <VALUE> |
| 109 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid Enrollment-id, value does not match Device Bootstrap Certificate. |
| 110 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Must not exist with First-To-Claim: False |
| 111 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Entropy should not be provided when generated by device |
| 121 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid X.509 certificate value. |
| 122 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate public key Elliptic Curve is not <ECC_CURVE_TYPE>. |
| 123 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate public key is not Elliptic Curve Public Key. |
| 124 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate signature hash algorithm is not SHA256. |
| 125 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate Valid-From is not earlier than current time <CURRENT_TIME>. |
| 126 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate expiration time is not longer than 10 years. |
| 127 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate should not be self-signed. |
| 128 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. CN subfield of the subject field doesn't match the EndpointName. |
| 129 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. OU sub-field of subject field doesn't match the 'aid' provided as part of the 'LwM2M server URI'. |
| 130 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate shall only allow 'client auth' extended key usage. |
| 131 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Failure during Private Key loading - not valid ECC Private Key. |
| 132 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Private Key is not valid Elliptic Curve Private Key. |
| 133 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Private Key Elliptic Curve is not secp256r1. |
| 134 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. The Public Key does not correspond to the Private Key. |
| 135 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Validation of <VALIDATED_ATTRIBUTE> was not completed. |
| 136 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Bootstrap server URL and Lwm2m server URL should contain the same account ID. |
| 137 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate authority requires at least one name attribute. |
| 138 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate subject field should not be empty. |
| 139 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate shall only allow 'code signing' extended key usage. |
| 141 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate Valid-From Value is earlier than the CA certificate Valid-From Value. |
| 142 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate Valid-To Value should not be later than the CA certificate Valid-To Value. |
| 143 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid resource key file path: {}. |
| 144 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Public Key fingerprint do not match the key value. |
| 150 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Badly formed hexadecimal UUID string. |
| 201 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. 'No Bootstrap Mode' was selected. |
| 500 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Attribute 'data' or 'data-file' must be provided. |
| 501 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Name <NAME> already exists. |
| 502 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Attribute 'data' type should be integer,bool,str. Type dict only when 'type' equals 'generated-certificate-key-pair'. |
| 600 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Custom property is missing subject data for generating certificate key pair. |
| 1000 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. <CAUSE>. |
| 1002 | Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. required field. |
Notices by field
This is a list of validation notice codes, which are configured as either Warning or Ignore level.
Every notice code not listed here is considered Error level by default.
Each notice code refers to a field.
Device general information
| Field | Notice code - name | Level |
|---|---|---|
| EndpointName | All | Error |
| UseBootstrap | 201 - 'No Bootstrap Mode' was selected. | Warning |
Bootstrap configuration
This can be omitted if UseBootstrap is set to FALSE.
| Field | Notice code - name | Level |
|---|---|---|
| BootstrapServerURI | 102 - Must not exist with Use-Bootstrap: False | Warning |
| BootstrapServerCACert | 102 - Must not exist with Use-Bootstrap: False | Warning |
| BootstrapDeviceCert | 102 - Must not exist with Use-Bootstrap: False 127 - Certificate should not be self-signed. 125 - Certificate Valid-From is not earlier than current time. 126 - Certificate expiration time is not longer than 10 years. 130 - Certificate shall only allow client auth extended key usage. Note: If the BootstrapDeviceCert is a certificate chain, the end-entity certificate is validated with the device-certificate validations; otherwise, the system checks for a valid (Mbed-supported) crypto scheme. |
Warning |
| BootstrapDevicePrivateKey | All | Error |
LwM2M configuration
| Field | Notice code - name | Level |
|---|---|---|
| LwM2MServerURI | 101 - Must not exist with Use-Bootstrap: True. | Warning |
| LwM2MServerCACert | 101 - Must not exist with Use-Bootstrap: True | Warning |
| LwM2MDeviceCert | 101 - Must not exist with Use-Bootstrap: True 127 - Certificate should not be self-signed. 125 - Certificate Valid-From is not earlier than current time. 126 - Certificate expiration time is not longer than 10 years. 130 - Certificate shall only allow client auth extended key usage. Note: If the LwM2MDeviceCert is a certificate chain, the end-entity certificate is validated with the device-certificate validations; otherwise, the system checks for a valid (Mbed-supported) crypto scheme. |
Warning |
| LwM2MDevicePrivateKey | 101 - Must not exist with Use-Bootstrap: True | Warning |
LwM2M device object
| Field | Notice code - name | Level |
|---|---|---|
| Manufacturer | 1002 - Required field | Error |
| ModelNumber | 1002 - Required field | Error |
| SerialNumber | 1002 - Required field | Error |
| DeviceType | 1002 - Required field | Error |
| HardwareVersion | 1002 - Required field | Error |
| MemoryTotalKB | 1002 - Required field | Error |
Time synchronization (part of LwM2M device object)
| Field | Notice code - name | Level |
|---|---|---|
| CurrentTime | 103 - Must not exist with Time-Sync: False | Warning |
| Timezone | 103 - Must not exist with Time-Sync: False | Warning |
| UTCOffset | 103 - Must not exist with Time-Sync: False | Warning |
Update auth (for firmware update)
| Field | Notice code - name | Level |
|---|---|---|
| UpdateAuthCert | 105 - Missing recommended field. 125 - Certificate Valid-From is not earlier than current time. 126 - Certificate expiration time is not longer than 10 years. 130 - Certificate shall only allow 'client auth' extended key usage. |
Warning |