
Anyconnect failed after ASA upgrade to 9.18

ugisducmanis
Level 1

Hi,

Upgraded the ASA from 9.14(2) to 9.18(3). After the upgrade, AnyConnect can't connect: "Wasn't able to establish connection with specified secure gw. Try again"
From the ASA log:
Authentication radius - passed
Authorisation ldap failed.
In the logs I see that certificate validation failed.

Is this something known?
Can you help?


Best

 


ugisducmanis
Level 1

debug log for certificate reject:


@ugisducmanis wrote:

PKI[6]: ---------Certificate--------:
Serial Number:
12:c7:45:8d:a2:bd:7d:84:4e:73:bf:75:08:3e:c7:69
Issuer: DC=lv, DC=customer, DC=it, CN=EVF-RootCA
Subject: DC=lv, DC=customer, DC=it, CN=EVF-RootCA

PKI[13]: pki_ossl_policy_select, pki_ossl_policy.c:545
PKI[9]: Policy search for cert 0
PKI[13]: pki_policy_iterate, pki_ossl_policy.c:222
PKI[13]: get_policy_list, pki_ossl_policy.c:105
PKI[13]: crypto_pki_get_ossl_env, pki_ossl.c:41
PKI[13]: pki_is_policy_match, pki_ossl_policy.c:348
PKI[9]: Evaluating policy _SmartCallHome_ServerCA for conn type 0x400
PKI[13]: finger_print_nonzero, pki_ossl_policy.c:72
PKI[9]: pki_is_policy_match: policy _SmartCallHome_ServerCA rejected. No matching fingerprint in chain
PKI[13]: pki_is_policy_match, pki_ossl_policy.c:348
PKI[9]: Evaluating policy _SmartCallHome_ServerCA2 for conn type 0x400
PKI[13]: finger_print_nonzero, pki_ossl_policy.c:72
PKI[9]: pki_is_policy_match: policy _SmartCallHome_ServerCA2 rejected. No matching fingerprint in chain
PKI[13]: pki_is_policy_match, pki_ossl_policy.c:348
PKI[9]: Evaluating policy ASDM_TrustPoint1 for conn type 0x400
PKI[13]: finger_print_nonzero, pki_ossl_policy.c:72
PKI[9]: pki_is_policy_match: policy ASDM_TrustPoint1 rejected. No matching fingerprint in chain
PKI[13]: pki_is_policy_match, pki_ossl_policy.c:348
PKI[9]: Evaluating policy ASDM_TrustPoint0 for conn type 0x400
PKI[13]: finger_print_nonzero, pki_ossl_policy.c:72
PKI[9]: pki_is_policy_match: policy ASDM_TrustPoint0 rejected. No matching fingerprint in chain
PKI[13]: pki_is_policy_match, pki_ossl_policy.c:348
PKI[9]: Evaluating policy ASDM_TrustPoint0-1 for conn type 0x400
PKI[13]: finger_print_nonzero, pki_ossl_policy.c:72
PKI[9]: pki_is_policy_match: policy ASDM_TrustPoint0-1 rejected. No matching fingerprint in chain
PKI[13]: pki_is_policy_match, pki_ossl_policy.c:348
PKI[9]: Evaluating policy EVF-RootCA for conn type 0x400
PKI[13]: finger_print_nonzero, pki_ossl_policy.c:72
PKI[9]: pki_is_policy_match: policy EVF-RootCA rejected. No matching fingerprint in chain
PKI[13]: pki_is_policy_match, pki_ossl_policy.c:348
PKI[9]: Evaluating policy Trustpool for conn type 0x400
PKI[13]: finger_print_nonzero, pki_ossl_policy.c:72
PKI[9]: pki_is_policy_match: policy Trustpool rejected. Cert match required


Best Regards,
Ugis
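
A long capture like the one above is easier to read once it is reduced to one row per evaluated policy. The parser below is an added example, not part of the original post and not Cisco code; it relies only on the three line shapes visible in the log, and the function names (`summarize`, `certs_with_no_match`, `reason_counts`) and the sample input are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the same line format as the debug output in the post.
SAMPLE_LOG = """\
PKI[9]: Policy search for cert 0
PKI[13]: pki_is_policy_match, pki_ossl_policy.c:348
PKI[9]: Evaluating policy ASDM_TrustPoint0 for conn type 0x400
PKI[13]: finger_print_nonzero, pki_ossl_policy.c:72
PKI[9]: pki_is_policy_match: policy ASDM_TrustPoint0 rejected. No matching fingerprint in chain
PKI[9]: Evaluating policy EVF-RootCA for conn type 0x400
PKI[9]: pki_is_policy_match: policy EVF-RootCA rejected. No matching fingerprint in chain
PKI[9]: Evaluating policy Trustpool for conn type 0x400
PKI[9]: pki_is_policy_match: policy Trustpool rejected. Cert match required
"""

CERT_RE = re.compile(r"PKI\[\d+\]: Policy search for cert (\d+)")
EVAL_RE = re.compile(r"PKI\[\d+\]: Evaluating policy (\S+) for conn type (0x[0-9a-fA-F]+)")
REJECT_RE = re.compile(r"PKI\[\d+\]: pki_is_policy_match: policy (\S+) rejected\. (.+)")

def summarize(log_text):
    """One record per evaluated policy: cert index, policy, conn type, rejection reason."""
    records, pending, cert = [], {}, None
    for line in map(str.strip, log_text.splitlines()):
        if m := CERT_RE.match(line):
            cert, pending = int(m.group(1)), {}  # new search: forget open evaluations
        elif m := EVAL_RE.match(line):
            rec = {"cert": cert, "policy": m.group(1), "conn_type": m.group(2), "reason": None}
            records.append(rec)
            pending[rec["policy"]] = rec
        elif m := REJECT_RE.match(line):
            # Tolerate a rejection whose "Evaluating" line was cut from the capture.
            rec = pending.pop(m.group(1), None)
            if rec is None:
                rec = {"cert": cert, "policy": m.group(1), "conn_type": None, "reason": None}
                records.append(rec)
            rec["reason"] = m.group(2).strip()
    return records

def certs_with_no_match(records):
    """Cert indexes (in log order) for which every evaluated policy logged a rejection."""
    by_cert = {}
    for rec in records:
        by_cert.setdefault(rec["cert"], []).append(rec["reason"] is not None)
    return [c for c, flags in by_cert.items() if all(flags)]

def reason_counts(records):
    """How often each rejection reason appears; None means no rejection was logged."""
    return Counter(rec["reason"] for rec in records)
```

A `reason` of `None` only means no rejection line followed the evaluation in the capture; the log format for an accepted policy is not shown in the post, so the parser does not assume one.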