IKYC057I SCEP request for client name client-name rejected by {SemiauthenticatedClient | UnauthenticatedClient | SubsequentRequest | RenewalRequest} directive.
Explanation
PKI Services is processing a Simple Certificate Enrollment Protocol (SCEP) request for a PKI operation from a SCEP client. The certificate template used to preregister the named SCEP client contains a directive in the PREREGISTER section indicating that the request should be rejected. The directive is displayed in the message.
System action
PKI Services rejects the SCEP request. The rejected certificate request is recorded in the request database.
System programmer response
Determine whether the SCEP client should request certificates from PKI Services. If so, reconfigure the SCEP client to remove any existing certificate request entries and start the certificate request from the beginning using a new key-pair and a new self-signed certificate. Create or re-create a PKI Services preregistration record as needed. Also, ensure that the SCEP client is using a subject name that is consistent with the preregistration record. Make corrections to the SCEP client or delete and re-create the preregistration record as needed. For more information, see Enabling Simple Certificate Enrollment Protocol (SCEP).