Identify signing errors
If you encounter errors while working with DigiCert® Software Trust Manager client tools, follow the methods below.
Signature logs
To identify the error message for a failed event in Software Trust Manager:
Sign in to DigiCert ONE.
Select the Manager menu (top right) > Software Trust.
Navigate to: Logs > Signature logs.
In the Status column, filter by Failure.
Identify and click on the date of the failed event.
To identify why the action failed, refer to the Error message field.
Sample
You cannot access this keypair. This keypair is restricted to a team. To resolve this issue, ensure that the team is active and that you are part of the team.
Dica
If the information provided in the signature logs are not sufficient to resolve your error, check the logs by following the instructions below.
Cryptographic library logs
When you encounter an error while signing via GPG SCD, CSP, PKSC11, KSP, or JCE, follow the procedure below:
To set the log level to TRACE, run the command:
Run the signing command that failed again.
To identify where your logs are located, run:
echo %USERPROFILE%/.signingmanager/logs
Copy the output of the command to navigate to the logs location.
Identify one of the log files based on the signing tool that was used to sign:
Open the log file.
To identify the the most recent event, scroll to the end of the logs.
The last few lines should explain why the error occurred.
If you are unable to resolve the error based on the information provided, contact Support and provide the log file.
CryptoTokenKit logs
When you encounter an error while using Codesign and Productsign via the Software Trust Manager CryptoTokenKit (CTK), follow the procedure below.
To view logs related to CTK activities you could run the following commands:
To fetch all logs which contain the string Digicert SSM Signing Clients:
log stream | grep “Digicert SSM Signing Clients”
To fetch all logs which contain the string TokenExtension:
log stream | grep TokenExtension
To identify the the most recent event, scroll to the end of the logs.
The last few lines should explain why the error occurred.
If you are unable to resolve the error based on the information provided, contact Support and provide the log file.