错误消息：内部错误。请联系您的管理员 (Internal error. Please contact your administrator)

在 /opt/vmware/gateway/logs/authbroker.log 中查找以下消息

"OSCP validation of CN=clientCert, OU=EUC, O=<org name>, ST=<state name>, C=IN failed with "Could not send OCSP request to responder: Connection refused (Connection refused) , will attempt CRL validation"

此消息表示“X.509 证书”中配置的 OCSP URL 不可访问或不正确。

OCSP 证书无效时发生的错误

"revocation.RevocationCheck: OSCP validation of CN=clientCert failed with "Could not verify signing certificate for OCSP responder:http://asdkad01/ocsp". will attempt CRL validation."

当上载了无效的 OCSP 证书，或者 OCSP 证书被吊销时，会显示上述错误。

OCSP 响应验证失败时发生的错误

"WARN ocsp.BouncyCastleOCSPHandler: Failed to verify OCSP response: CN=asdkAD01.Asdk.ADrevocation.RevocationCheck: 08/23 14:25:49,975" [tomcat-http--26] WARN revocation.RevocationCheck: OSCP validation of CN=clientCert failed with "Could not verify signing certificate for OCSP responder: http://asdkad01/ocsp". will attempt CRL validation."

OCSP 响应验证失败时，有时会显示上述错误。

错误消息：无法从以下会话检索客户端证书: <sessionId> (unable to retrieve client certificate from session: <sessionId>)