Skip to main content

Healthcheck errors and solutions

If the healthcheck command fails, troubleshoot the following.

Status: Not connected

Error message

--------- User credentials ------
Status: Not connected

Problem

This error can occur for multiple reasons:

  • You provided the correct host in the environment variable.

  • You provided the correct API token in the environment variable.

  • You have a stable internet connection.

  • If the organization's proxy is enabled, you need to add these settings to the environment variables.

Solution

You may need to troubleshoot a variety of areas:

  • Compare the host listed in the healthcheck command output to this list of hosts.

  • Compare the last two digits the API key listed in the healthcheck command output to the last two digits of your API key in DigiCert ONE.

    작은 정보

    To identify existing API keys for your user:

    1. Sign in to DigiCert ONE.

    2. Click Profile icon (top-right).

    3. Select Admin Profile.

    4. Identify the On this page section (right), select API tokens.

Your client certificate path or password is incorrect (1FA)

Error message

--------- User credentials ------
Status: Connected
Your client certificate path or password is incorrect. You will not be able to complete specific actions (such as sign, generate keypairs and approve releases) until these credentials are corrected.

Problem

Your host environment and API key (first factor of authentication) are correct, however SMCTL was unable to authenticate your client certificate (second factor of authentication). This means that the path to your client authentication certificate or it's password is incorrect. Two factor authentication is required to perform specific actions, such as: sign, generate keypairs, scan your software with Threat detection, and approve releases. If you try and perform one of these actions with only one factor of authentication, you will receive the following error:

status_code=403, message={"error":{"status":"access_denied","message":"User is not multi-factor authenticated. Missing Client Authentication Certificate. As per compliance rules, user needs to be authenticated using multi-factor for performing <action> operation."}}, nested_error=<nil>

Solution

Ensure that the client authentication certificate path and password is correct. One of the follow methods may be useful:

  • Navigate to the client authentication certificate path listed in the healthcheck command output and confirm if the file name provided and path matches.

  • Compare the your client authentication certificate password listed in the healthcheck command output to your password to confirm that it is correct.

    참고

    If you have lost or forgotten your password, create a new client authentication certificate and securely store your password.