Mistake on this page? Email us

FCU error codes and validation notices

This page lists the error codes you might encounter in FCU.

Some errors might include notices about validation errors.

Error codes

Error code Message
100 General error: <ERROR_TYPE>
101 Device <serial number/endpoint name> is mandatory.
102 Failed to get <DTLS_KEY_NAME> DTLS private key.
103 Failed to get <DTLS_KEY_NAME> DTLS certificate.
104 Failed to get <DTLS_KEY_NAME> DTLS private key and certificate.
105 Failed to get Entropy.
106 Bad type FCU argument <INPUT_ARG>.
110 Device protocol <PROTOCOL_VERSION> does not match tool protocol <PROTOCOL_VERSION>.
111 The device-certificate-chain-depth configuration is greater than the actual chain length for <CERTIFICATE_CHAIN_NAME>.
112 The device-certificate-chain-depth configuration is not defined for certificate chain <CERTIFICATE_CHAIN_NAME>.
180 Device response does not contain <FIELD_NAME> field.
190 Error loading configuration file: <FILE_NAME>.
195 Configuration file: <FILE_NAME> not found
197 There is no permission to open file: <FILE_NAME>.
198 'File <FILE_NAME>defined in environment variable <ENV_NAME> does not exist.
199 'File <FILE_NAME> not found in application home path <PATH>. Home path can be set using environment variable FCU_HOME_DIR.
200 Invalid configuration file <FILE_NAME>. File should be in Yml format.
201 Invalid configuration file <FILE_NAME>. Invalid attributes were found.
210 CA certificate file <FILE_NAME> not found. Please run setup and try again.
211 Failed to load CA certificate file <FILE_NAME> file may be corrupted or in wrong format. Please run setup and try again.
212 CA certificate file not found. Please sign the CSR file <CSR_FILE_NAME>, and save the created certificate as <CERTIFICATE_FILE_NAME>. Please note the certificate must be uploaded to the portal.
220 CA key file <FILE_NAME> not found. Please run setup and try again.
221 Failed to load CA private key file <FILE_NAME> file may be corrupted or in wrong format. Please run setup and try again.
222 CA certificate <FILE_NAME> does not match CA private key does not match CA private key <FILE_NAME>. Please run setup and try again.
223 CA certificate <FILE_NAME> is not allowed to sign additional certificates.
224 CA certificate <FILE_NAME> public key curve is not elliptic curve secp256r1.
225 CA certificate <FILE_NAME> signature algorithm is not SHA256.
226 CA certificate <FILE_NAME> subject field should not be empty.
230 Invalid signature for certificate signing request.
240 Failed to load private key from file <FILE_NAME>.
245 Failed to load certificate from file <FILE_NAME>.
246 Ambiguous certificate file: Both <FILE_NAME> and <FILE_NAME> exist.
247 Ambiguous private key file: Both <FILE_NAME> and <FILE_NAME> exist.
250 Failed to create private key for <DTLS_KEY_NAME>.
260 Failed to create certificate signing request for <DTLS_KEY_NAME>.
270 Failed to create certificate for <DTLS_KEY_NAME>.
273 Failed to create certificate for <DTLS_KEY_NAME>; validity period cannot exceed FCU CA certificate expiration.
290 File <FILE_NAME> already exists.
300 Failed to load entropy from file <FILE_NAME>.
320 Failed to create certificate.
330 Failed to create private key.
340 Failed to generate proof of possession.
350 Setup requires a valid account id.
360 Could not load file: <FILE_NAME> specified in the configuration file property <FILE_PROPERTY>
380 Validation error in field: <FILE_NAME>. Message: <VALIDATION_MESSAGE>.
390 <FILE_NAME> is not an X.509 certificate or not formatted in PEM or DER.
391 <FILE_NAME> is not a valid public key or not formatted in PEM or DER.
400 Validation error in FCU configuration file.
410 Validation error in CA certificate.
420 Operation <operation name> is not supported.
430 <field name> is mandatory.
440 Failed to parse device response.
450 CSR is invalid or not in DER format.
460 CSR name {} not found in custom-properties.
461 The following {} are in custom-properties but not received from device.

FCU validation notices

Error code Message
100 Validation general notice in field: <FIELD_NAME>
101 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Must not exist with Use-Bootstrap: True
102 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Must not exist with Use-Bootstrap: False
103 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Must not exist with Time-Sync: False
104 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid value. Actual value: <VALUE>>
105 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Missing recommended field.
106 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Cannot use First-To-Claim with Use-Bootstrap: False
107 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid URL- should contain account ID and have 'coap://' or 'coaps://' scheme. Actual value: <VALUE>
108 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid URL- should not contain account ID and have 'coap://' or 'coaps://' scheme. Actual value: <VALUE>
109 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid Enrollment-id, value does not match Device Bootstrap Certificate.
110 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Must not exist with First-To-Claim: False
111 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Entropy should not be provided when generated by device
121 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid X.509 certificate value.
122 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate public key Elliptic Curve is not <ECC_CURVE_TYPE>.
123 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate public key is not Elliptic Curve Public Key.
124 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate signature hash algorithm is not SHA256.
125 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate Valid-From is not earlier than current time <CURRENT_TIME>.
126 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate expiration time is not longer than 10 years.
127 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate should not be self-signed.
128 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. CN subfield of the subject field doesn't match the EndpointName.
129 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. OU sub-field of subject field doesn't match the 'aid' provided as part of the 'LwM2M server URI'.
130 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate shall only allow 'client auth' extended key usage.
131 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Failure during Private Key loading - not valid ECC Private Key.
132 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Private Key is not valid Elliptic Curve Private Key.
133 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Private Key Elliptic Curve is not secp256r1.
134 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. The Public Key does not correspond to the Private Key.
135 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Validation of <VALIDATED_ATTRIBUTE> was not completed.
136 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Bootstrap server URL and Lwm2m server URL should contain the same account ID.
137 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate authority requires at least one name attribute.
138 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate subject field should not be empty.
139 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate shall only allow 'code signing' extended key usage.
141 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate Valid-From Value is earlier than the CA certificate Valid-From Value.
142 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Certificate Valid-To Value should not be later than the CA certificate Valid-To Value.
143 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Invalid resource key file path: {}.
144 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Public Key fingerprint do not match the key value.
150 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Badly formed hexadecimal UUID string.
201 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. 'No Bootstrap Mode' was selected.
500 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Attribute 'data' or 'data-file' must be provided.
501 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Name <NAME> already exists.
502 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Attribute 'data' type should be integer,bool,str. Type dict only when 'type' equals 'generated-certificate-key-pair'.
600 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. Custom property is missing subject data for generating certificate key pair.
1000 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. <CAUSE>.
1002 Validation notice number <NOTICE_CODE> in field:<FIELD_NAME>. required field.

Notices by field

This is a list of validation notice codes, which are configured as either Warning or Ignore level.

Every notice code not listed here is considered Error level by default.

Each notice code refers to a field.

Device general information

Field Notice code - name Level
EndpointName All Error
UseBootstrap 201 - 'No Bootstrap Mode' was selected. Warning

Bootstrap configuration

This can be omitted if UseBootstrap is set to FALSE.

Field Notice code - name Level
BootstrapServerURI 102 - Must not exist with Use-Bootstrap: False Warning
BootstrapServerCACert 102 - Must not exist with Use-Bootstrap: False Warning
BootstrapDeviceCert 102 - Must not exist with Use-Bootstrap: False
127 - Certificate should not be self-signed.
125 - Certificate Valid-From is not earlier than current time.
126 - Certificate expiration time is not longer than 10 years.
130 - Certificate shall only allow client auth extended key usage.

Note: If the BootstrapDeviceCert is a certificate chain, the end-entity certificate is validated with the device-certificate validations; otherwise, the system checks for a valid (Mbed-supported) crypto scheme.
Warning
BootstrapDevicePrivateKey All Error

LwM2M configuration

Field Notice code - name Level
LwM2MServerURI 101 - Must not exist with Use-Bootstrap: True. Warning
LwM2MServerCACert 101 - Must not exist with Use-Bootstrap: True Warning
LwM2MDeviceCert 101 - Must not exist with Use-Bootstrap: True
127 - Certificate should not be self-signed.
125 - Certificate Valid-From is not earlier than current time.
126 - Certificate expiration time is not longer than 10 years.
130 - Certificate shall only allow client auth extended key usage.

Note: If the LwM2MDeviceCert is a certificate chain, the end-entity certificate is validated with the device-certificate validations; otherwise, the system checks for a valid (Mbed-supported) crypto scheme.
Warning
LwM2MDevicePrivateKey 101 - Must not exist with Use-Bootstrap: True Warning

LwM2M device object

Field Notice code - name Level
Manufacturer 1002 - Required field Error
ModelNumber 1002 - Required field Error
SerialNumber 1002 - Required field Error
DeviceType 1002 - Required field Error
HardwareVersion 1002 - Required field Error
MemoryTotalKB 1002 - Required field Error

Time synchronization (part of LwM2M device object)

Field Notice code - name Level
CurrentTime 103 - Must not exist with Time-Sync: False Warning
Timezone 103 - Must not exist with Time-Sync: False Warning
UTCOffset 103 - Must not exist with Time-Sync: False Warning

Update auth (for firmware update)

Field Notice code - name Level
UpdateAuthCert 105 - Missing recommended field.
125 - Certificate Valid-From is not earlier than current time.
126 - Certificate expiration time is not longer than 10 years.
130 - Certificate shall only allow 'client auth' extended key usage.
Warning