/* Preface for per-certificate errors. First argument is a number, second argument is the certificate name/description. */ "Certificate %ld “%@” has errors: " = "Certificate %1$ld “%2$@” has errors: "; /* Error for blocked certificates. Argument is the certificate name/description. */ "“%@” certificate is blocked" = "“%@” certificate is blocked"; /* Error for revoked certificates. Argument is the certificate name/description. */ "“%@” certificate is revoked" = "“%@” certificate is revoked"; /* Error for certificates with weak key sizes. Argument is the certificate name/description. */ "“%@” certificate is using a broken key size" = "“%@” certificate is using a broken key size"; /* Error for certificates with weak signatures. Argument is the certificate name/description. */ "“%@” certificate is using a broken signature algorithm" = "“%@” certificate is using a broken signature algorithm"; /* Error for certificates with deny trust settings. Argument is the certificate name/description. */ "User or administrator set “%@” certificate as distrusted" = "User or administrator set “%@” certificate as distrusted"; /* Error for certificates that violate standards. Argument is the certificate name/description. */ "“%@” certificate is not standards compliant" = "“%@” certificate is not standards compliant"; /* Error for certificates that are expired. Argument is the certificate name/description. */ "“%@” certificate is expired" = "“%@” certificate is expired"; /* Error for certificates that are not trusted. Argument is the certificate name/description. */ "“%@” certificate is not trusted" = "“%@” certificate is not trusted"; /* Error for certificates whose names do not match the policy. Argument is the certificate name/description. */ "“%@” certificate name does not match input" = "“%@” certificate name does not match input"; /* Error for certificates whose usages do not match the policy. Argument is the certificate name/description. */ "“%@” certificate is not permitted for this usage" = "“%@” certificate is not permitted for this usage"; /* Error for certificates that do not meet pinning requirements. Argument is a list of certificate names/descriptions. */ "%@ certificates do not meet pinning requirements" = "%@ certificates do not meet pinning requirements"; /* Error for unknown error. Argument is the certificate name/description. */ "Unknown trust error for “%@” certificate" = "Unknown trust error for “%@” certificate"; /* Error for SSL hostname mismatch */ "SSL hostname does not match name(s) in certificate" = "SSL hostname does not match name(s) in certificate"; /* Error for email mismatch */ "Email address does not match name(s) in certificate" = "Email address does not match name(s) in certificate"; /* Error for temporal validity */ "Certificate is not temporally valid" = "Certificate is not temporally valid"; /* Error for weak keys */ "Certificate is using a broken key size" = "Certificate is using a broken key size"; /* Error for weak signatures */ "Certificate is using a broken signature algorithm" = "Certificate is using a broken signature algorithm"; /* Error for key usage mismatch */ "Key usage does not match certificate usage" = "Key usage does not match certificate usage"; /* Error for extended key usage mismatch */ "Extended key usage does not match certificate usage" = "Extended key usage does not match certificate usage"; /* Error for subject/issuer common name mismatch */ "Common Name does not match expected name" = "Common Name does not match expected name"; /* Error for subject/issuer organization mismatch */ "Organization does not match expected name" = "Organization does not match expected name"; /* Error for subject organizational unit mismatch */ "Organizational Unit does not match expected name" = "Certificate Organizational Unit does not match expected name"; /* Error for not before date */ "Certificate issued before allowed time" = "Certificate issued before allowed time"; /* Error for EAP hostname mismatch */ "Trusted EAP hostname does not match name(s) in certificate" = "Trusted EAP hostname does not match name(s) in certificate"; /* Error for leaf marker OID */ "Missing project-specific extension OID" = "Missing project-specific extension OID"; /* Error for blocklisted certificates */ "Certificate is blocked" = "Certificate is blocked"; /* Error for graylisted certificates */ "Certificate is listed as untrusted" = "Certificate is listed as untrusted"; /* Error for missing basic constraints */ "Basic constraints are required but missing" = "Basic constraints are required but missing"; /* Error for CA basic constraints */ "Non-CA certificate used as a CA" = "Non-CA certificate used as a CA"; /* Error for path length basic constraints */ "Chain exceeded constrained path length" = "Chain exceeded constrained path length"; /* Error for intermediate public key pin */ "Public key does not match pinned value" = "Public key does not match pinned value"; /* Error for intermediate extended key usage pin */ "Extended key usage does not match pinned value" = "Extended key usage does not match pinned value"; /* Error for intermediate marker OID */ "Missing issuer-specific extension OID" = "Missing issuer-specific extension OID"; /* Error for issuer country mismatch */ "Country or Region does not match expected name" = "Country or Region does not match expected name"; /* Error for anchor SHA-256/SHA-1 fingerprint pin */ "Anchor does not match pinned fingerprint" = "Anchor does not match pinned fingerprint"; /* Error for untrusted root */ "Root is not trusted" = "Root is not trusted"; /* Error for missing intermediates */ "Unable to build chain to root (possible missing intermediate)" = "Unable to build chain to root (possible missing intermediate)"; /* Error for Apple anchor pin */ "Anchor is not an Apple root" = "Anchor is not an Apple root"; /* Error for empty subject name */ "Certificate missing a name" = "Certificate missing a name"; /* Error for bad key ID linkage */ "SubjectKeyID/AuthorityKeyID mismatch in chain" = "SubjectKeyID/AuthorityKeyID mismatch in chain"; /* Error for pinned key size */ "Key size is not permitted for this use" = "Key size is not permitted for this use"; /* Error for pinned hash algorithm */ "Signature hash algorithm is not permitted for this use" = "Signature hash algorithm is not permitted for this use"; /* Error for system-trust CT requirement */ "Certificate Transparency validation required for this use" = "Certificate Transparency validation required for this use"; /* Error for certificate policy marker OID */ "Missing project-specific Certificate Policy OID" = "Missing project-specific Certificate Policy OID"; /* Error for root temporal validity */ "Root is not temporally valid" = "Root is not temporally valid"; /* Error for unknown critical extensions */ "Found unknown critical extensions" = "Found unknown critical extensions"; /* Error for pinned chain length */ "Chain does not match expected path length" = "Chain does not match expected path length"; /* Error for certificates that violate standards */ "Certificate is not standards compliant" = "Certificate is not standards compliant"; /* Error for name constraints */ "Name constraints violated" = "Name constraints violated"; /* Error for policy constraints */ "Policy constraints violated" = "Policy constraints violated"; /* Error for graylisted keys */ "Key is listed as untrusted" = "Key is listed as untrusted"; /* Error for blocklisted keys */ "Key is blocked" = "Key is blocked"; /* Error for certificates with deny trust settings */ "User or administrator set certificate as distrusted" = "User or administrator set certificate as distrusted"; /* Error for required pinning */ "Pinning required but not used" = "Pinning required but not used"; /* Error for revocation */ "Certificate is revoked" = "Certificate is revoked"; /* Error for revocation required */ "Failed to check revocation" = "Failed to check revocation"; /* Error for missing Certificate Transparency validation */ "Certificate Transparency validation required but missing" = "Certificate Transparency validation required but missing"; /* Error for certificates that exceed the system's maximum temporal validity */ "Certificate exceeds maximum temporal validity period" = "Certificate exceeds maximum temporal validity period"; /* Error for unparseable known extensions */ "Unable to parse known extension" = "Unable to parse known extension"; /* Error for unexpected error details */ "Unexpected error detail" = "Unexpected error detail";