Page tree
Skip to end of metadata
Go to start of metadata

This section summarizes error codes used in SCMS interfaces across all use cases.

RA-EE Errors

This table contains all RA-EE interface errors. A production stage RA always returns a HTTP status code 500 (HTTP Status Code PROD) to an EE if an error occurs and it is able to respond. A QA stage RA will return more detailed HTTP status codes (HTTP Status Code QA) and SCMS specific HTTP headers with detailed error information (SCMS-POC-Error resp. SCMS-POC-Error-Message).

KeySummaryEE / SCMSHTTP Status CodeSCMS-Error-CodeError MessageAdditional information
SCMS-964Error code: raNoCertFileAvailableSCMS5005065Requested certificate file is not available for download
SCMS-976Error code: raInvalidURLSCMS5005072Invalid URL sent in download request
SCMS-978Error code: raAuthenticationFailedSCMS5005067EE authentication failed

Any of the 1609.2 data layers cannot be validated. It can be caused by failed signature verification, untrusted certificates, or bad encryption.

Please see EE-RA Communications - General Guidance and the respective RA - Services View documentation

SCMS-981Error code: raNoPcaCertificateChainFileAvailableSCMS5005068

Requested certificate chain file not available for download

SCMS-983Error code: raNoInfoFileAvailableSCMS5005069Requested .info file is not available for download
SCMS-987Error code: raWrongParametersSCMS5005070EE request contained invalid parameter values
SCMS-990Error code: raMoreThanAllowedTriesSCMS5005071EE exceeded retry limit
SCMS-1065Error code: raBlacklistedSCMS5005055Enrollment certificate blacklisted
SCMS-1068Error code: raRequestForMultipleCertsSCMS5005056Multiple application certificates requests for same PSID/SSP
SCMS-1070Error code: raDuplicateRequestReceivedSCMS5005057Duplicate request received
SCMS-1082Error code: raInvalidSignatureSCMS5005058Invalid signature or signature missing
SCMS-1083Error code: raRequestNotEncryptedSCMS


5059Request not encrypted
SCMS-1084Error code: raInvalidCredentialsSCMS5005060EE used invalid credentials (blacklisted, expired, unauthorized)
SCMS-1085Error code: raUnauthorizedRequestSCMS5005061Unauthorized request (invalid permissions)
SCMS-1087Error code: raMismatchSCMS5005063

EE attempted to contact an RA that does not have it on the white list

SCMS-1088Error code: raInvalidTimeReceivedSCMS5005064Invalid timestamp sent
RA-EE Errors

SCMS Errors

This table contains SCMS interface errors that are sent among SCMS components. 

KeySummaryEE / SCMSHTTP Status CodeSCMS-Error-CodeError Message
SCMS-789Error code: InternalTimeoutSCMS5005001Internal timeout. Request could not be processed in time.
SCMS-792Error code: noMaAuthorizationSignatureSCMS4015002MA signature missing
SCMS-793Error code: pcaInvalidMaAuthorizationSignatureSCMS4015003Signature invalid
SCMS-795Error code: pcaInvalidInputValueFormatSCMS4005004Request values improperly formatted
SCMS-796Error code: pcaInvalidLinkageValueSCMS4005005Invalid linkage value send
SCMS-804Error code: pcaNumberOfLinkageValuesExceededSCMS4005006Number of linkage values above threshold
SCMS-812Error code: raInvalidHashRequestSCMS4005007Invalid RA-PCA request hash send
SCMS-820Error code: raNumberOfRequestsExceededSCMS4005008Number of linkage values above threshold
SCMS-829Error code: raInvalidLinkageValueSCMS4005009Invalid linkage value send
SCMS-844Error code: laInvalidLinkageValueSCMS4005010Invalid LCI value send
SCMS-851Error code: laNumberOfLciValuesExceededSCMS4005011Number of LCI values above threshold
SCMS-875Error code: pcaInvalidInputValueFormatSCMS4005012Request values improperly formatted
SCMS-876Error code: pcaInvalidLinkageValueSCMS4005013Invalid linkage value send
SCMS-884Error code: pcaNumberOfLinkageValuesExceededSCMS4005014Number of linkage values above threshold
SCMS-892Error code: laInvalidInputValueFormatSCMS4005015Request values improperly formatted
SCMS-893Error code: laInvalidPrelinkageValuePresentedSCMS4005016Invalid encrypted pre-linkage value send
SCMS-900Error code: laNumberOfLinkageValuesExceededSCMS4005017Number of linkage values above threshold
SCMS-910Error code: raInvalidInputValueFormatSCMS4005018Request values improperly formatted
SCMS-917Error code: raCertificateAlreadyBlacklistedSCMS4005020Enrollment certificate already blacklisted
SCMS-929Error code: raInvalidRIFValueSCMS4005022Invalid RIF value send
SCMS-936Error code: raNumberOfRequestsExceededSCMS4005023Number of RIF values above threshold
SCMS-1041Error Code: pcaAuthFailureSCMS4015044PCA could not authenticate LA
SCMS-1043Error code: raAuthFailureSCMS4015046RA could not authenticate LA
SCMS-1045Error code: maAuthFailureSCMS4015048MA failed to authenticate LA
SCMS-1277Error code: pcaCertificateEncryptionFailedSCMS5005066PCA unable to encrypt certificate
SCMS Errors

SCMS Error Log Values

This table contains SCMS error conditions that are added to a local error log but not returned or communicated directly to another component.  In most cases, a log entry is the end of processing for an error condition.  In other words, once one of these values is captured in a log, there are no other programmatic steps performed by the system.  These log values are created for debugging or administrative purposes.  In the future, automated monitoring may use these values to take corrective action or alert system managers, but for now they are just saved in a log.

KeySummaryEE / SCMSError Message
SCMS-988Error code: raRetriesSCMSThe value is saved to the log, no error is returned.
SCMS-1014Error code: maDecryptionFailedSCMSMA unable to decrypt misbehavior report
SCMS-1026Error code: authCAAuthenticationFailedSCMSThe value is saved to the log, no error is returned.
SCMS-1031Error code: tcComponentAddressingInfoInvalidSCMSThe value is saved to the log, no error is returned.
SCMS-1032Error code: tcComponentUnreachableSCMSThe value is saved to the log, no error is returned.
SCMS-1033Error Code: issuedCertInvalidSCMSThe value is saved to the log, no error is returned.
SCMS-1042Error code: laEncFailureSCMSThe value is saved to the log, no error is returned.
SCMS-1044Error code: laEncFailureSCMSLA could not establish TLS link with RA
SCMS-1046Error code: laEncFailureSCMSLA could not establish TLS link with MA
SCMS-1047Error code: tcNotifyDCMListFailureSCMSThe value is saved to the log, no error is returned.
SCMS-1048Error code: tcNotifyDCMAuthenticationFailureSCMS

The value is saved to the log, no error is returned.

SCMS-1056Error code: crlNotAvailableSCMSThe value is saved to the log, no error is returned.
SCMS Error Log Values

Standard HTTP Error Codes

This table contains a list of standard HTTP error codes for reference. The source of this information including description is Wikipedia as of September 30, 2016.

HTTP Error Code NumberSummaryDescription
Client Error Responses
400Bad Request

The server cannot or will not process the request due to an apparent client error.

(e.g., malformed request syntax, invalid request message framing, or deceptive request routing)


Similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet been provided.

The response must include a WWW-Authenticate header field containing a challenge applicable to the requested resource.

402Payment Required

Reserved for future use. The original intention was that this code might be used as part of some form of digital cash or micro-payment scheme, but that has not happened and this code is not usually used.


The request was a valid request, but the server is refusing to respond to it. 403 error semantically means "unauthorized,"

i.e., the user does not have the necessary permissions for the resource.

404Not FoundThe requested resource could not be found but may be available in the future. Subsequent requests by the client are permissible.
405Method Not Allowed

A request method is not supported for the requested resource; for example, a GET request on a form which requires data to be presented via POST,

or a PUT request on a read-only resource.

406Not AcceptableThe requested resource is capable of generating only content not acceptable according to the Accept headers sent in the request.
407Proxy Authentication RequiredThe client must first authenticate itself with the proxy.
408Request Timeout

The server timed out waiting for the request. According to HTTP specifications:

"The client did not produce a request within the time that the server was prepared to wait." The client MAY repeat the request without modifications at any later time.

409ConflictIndicates that the request could not be processed because of conflict in the request, such as an edit conflict between multiple simultaneous updates.
410GoneIndicates that the resource requested is no longer available and will not be available again. This should be used when a resource has been intentionally removed and the resource should be purged. Upon receiving a 410 status code, the client should not request the resource in the future. Clients such as search engines should remove the resource from their indices.
411Length RequiredThe request did not specify the length of its content, which is required by the requested resource
412Precondition FailedThe server does not meet one of the preconditions that the requester put on the request
413Payload Too LargeThe request is larger than the server is willing or able to process. Previously called "Request Entity Too Large."
414URI Too LongThe URI provided was too long for the server to process. Often the result of too much data being encoded as a query-string of a GET request, in which case it should be converted to a POST request.
415Unsupported Media TypeThe request entity has a media type which the server or resource does not support. For example, the client uploads an image as image/svg+xml, but the server requires that images use a different format.
416Requested Range Not SatisfiableThe client has asked for a portion of the file (byte serving), but the server cannot supply that portion. For example, if the client asked for a part of the file that lies beyond the end of the file.
417Expectation FailedThe server cannot meet the requirements of the Expect request-header field
418I'm a teapotThis code was defined in 1998 as one of the traditional IETF April Fools' jokes, in RFC 2324
421Misdirected RequestThe request was directed at a server that is not able to produce a response
426Upgrade RequiredThe client should switch to a different protocol such as TLS/1.0, given in the Upgrade header field
428Precondition RequiredThe origin server requires the request to be conditional. Intended to prevent "the 'lost update' problem, where a client GETs a resource's state, modifies it, and PUTs it back to the server, while meanwhile a third party has modified the state on the server, leading to a conflict."
429Too Many RequestsThe user has sent too many requests in a given amount of time. Intended for use with rate limiting schemes
431Request Header Fields Too LargeThe server is unwilling to process the request because either an individual header field, or all the header fields collectively, are too large
Server Error Responses
500Internal Server ErrorA generic error message, given when an unexpected condition was encountered and no more specific message is suitable
501Not ImplementedThe server either does not recognize the request method, or it lacks the ability to fulfill the request
502Bad GatewayThe server was acting as a gateway or proxy and received an invalid response from the upstream server
503Service UnavailableThe server is currently unavailable (because it is overloaded or down for maintenance). Generally, this is a temporary state.
504Gateway TimeoutThe server was acting as a gateway or proxy and did not receive a timely response from the upstream server
505HTTP Version Not SupportedThe server does not support the HTTP protocol version used in the request
506Variant Also NegotiatesTransparent content negotiation for the request results in a circular reference
507Insufficient StorageThe server is unable to store the representation needed to complete the request
511Network Authentication Required

The client needs to authenticate to gain network access. Intended for use by intercepting proxies used to control access to the network

Standard HTTP Error Codes