FortiWeb REST API Error Codes

Preface

Quick reference for error codes you could encounter when testing FortiWeb REST API.

The Error Codes

Error CodeError Message
10CMDB failed to be saved.
5System API error.
2CMDB API error.
1CLI internal error.
-1Invalid length of the value.
-2The value is out of range.
-3The entry is not found.
-4The maximum number of entries has been reached.
-5A duplicate entry has already existed.
-6Failed to allocate memory.
-7The value conflicts with system settings.
-8Invalid IP address.
-9Invalid IP netmask.
-10Invalid gateway address.
-11When the port is in DHCP mode, it’s IPv4 address can not be modified mannually.
-12When the port in DHCP mode, it’s IPv6 address can not be modified mannually.
-16Blank or incorrect address.
-20Blank entry.
-23The entry is used.
-24Error opening the file.
-25Error reading from the shared memory.
-26File error.
-27Error opening IP-MAC info file.
-28The file is not an updated file.
-29Invalid keytab file.
-30Invalid username or password.
-33MAC address is invalid.
-37Permission denied.
-38The downloading file does not exist.
-39Configuration file or password error.
-45Invalid IP range.
-46Invalid port range.
-49IP address isn’t in the same subnet as the gateway.
-50Input is in invalid format.
-52Uploaded file is too large or invalid.
-54IP address is in the same subnet as the others.
-56Empty value isn’t allowed.
-57Underline _ isn’t allowed.
-61Input is not as expected.
-66Unable to uncompress the gz file you provided.
-87Image CRC error.
-89Invalid number.
-90CLI parsing error.
-91Configuration file error.
-92Invalid arguments.
-93Invalid domain.
-94Error creating entry.
-95The maximum allocated quota is reached.
-96Failed to delete the table entry.
-100A duplicate username has already existed.
-120The IP address must include a subnet mask.
-130Invalid date input.
-131Invalid year input.
-132Invalid month input.
-133Invalid day input.
-134Invalid time input.
-135Invalid hour input.
-136Invalid minute input.
-137Invalid second input.
-140Failed to generate local certificate signing request.
-145The imported local certificate is invalid.
-146The imported CA certificate is invalid.
-147The certificate is being used.
-148There is already a certificate and/or private key with this/these filename(s). Please rename your certificate and/or private key so that they do not match the filename of an existing certificate.
-149The imported certificate is invalid.
-152Invalid encryption key.
-158Invalid VLAN ID.
-167Failed to import PKCS12 file.
-168Failed to export PKCS12 file.
-179Invalid Geo IP database file.
-180Unable to send your update request.
-191VLAN interfaces must share the same VLAN ID.
-202Single admin user login mode.
-203IP has been blocked.
-204Invalid username or password.
-205Your password has expired, please input a new password.
-206The new password does not conform to the password policy, please try again.
-207Your password does not conform to the password policy, please input a new password.
-208Your password has expired, please input a new password.
-209Your password does not conform to the password policy, please input a new password.
-210According to the password policy enforced on this device, please change your password.
-211Please enter the token.
-252Invalid port.
-282User canceled.
-302Failed to import remote certificate.
-360Command timeout.
-361Failed to add entry.
-515The name is a reserved keyword by the system.
-522The VLAN ID or physical interface can not be changed once a VLAN has been created.
-531The VLAN ID and the physical interface have been used by another VLAN interface.
-542Invalid CRL file.
-547The specified priority has already existed.
-548This rule is in the list.
-550The regular expression is not right.
-551The condition is in the list.
-552The host can not be NULL.
-553The URL can not be NULL.
-555The location can not be NULL.
-556The header field name/value can not be NULL.
-557The username can not be NULL.
-558The username is in the list.
-559The uploading succeeds, but an internal error has occured. Try checking the disk space and available memory first.
-651Invalid input value.
-653Invalid regular expression.
-805Invalid authentication key.
-807The password is too short.
-808The password must contain at least one uppercase letter.
-809The password must contain at least one lowercase letter.
-810The password must contain at least one number.
-811The password must contain at least one non-alphanumeric character.
-813The FIPS feature or one of the fields is invalid.
-814The new image does not contain FIPS feature.
-815System upgrade to the new image failed.
-816The FIPS feature might be valid but the public key is new/unknown.
-817FIPS: The password is too short, and a minimum length of 8 characters is required.
-818FIPS: The server mode is not supported when FIPS status is enabled.
-819FIPS: A minimum certificate key length of 1024 bits is required.
-820FIPS: Unsupported certificate feature algorithm.
-821FIPS: Telnet/HTTP access are not allowed.
-822FIPS: Feature check failed for some unknown reasons.
-823The new image does not support CC mode.
-824’Strong-password’ must be enabled when FIPS status is enabled.
-825FIPS: Minimum RSA certificate key length is 2048 bits and mininum EC certificate key length is 224 bits.
-826Downgrade is rejected in FIPS mode.
-831The image file is wrong, please check the version, build number, model, and the partition table.
-832Failed to unzip the image file.
-833MBR is wrong.
-834The signature of the image file is wrong.
-835Downgrade is rejected in FIPS mode.
-900System is shutting down.
-901Backup failed, please try again.
-950The Syslog server has already existed.
-1005Deleting table entry is not allowed.
-1010Login disclaimer declined.
-1101Please wait while the system is restarting.
-1102Invalid device ID.
-1104Error changing the password.
-1500It is not allowed to configure this object in secondary mode.
-1501The reserve management status should be unset first.
-1502The interface is used by HA monitor.
-1503No available license for HA module.
-1504The active-active-standard should be in Reverse Proxy or True Transparent mode.
-1505The group ID is not allowed to change.
-1506The SN is invalid.
-1507The SN is already associated with another node ID.
-1508The VIP is already used by another Traffic Distribution.
-1509The node is not associated with any SN.
-1510The node ID is already used by Traffic Distribution, please unset it first.
-1511The active-active-high-volume should be in Reverse Proxy mode.
-1512You must select at least one node in the HA member.
-1513You must select at least one VIP in the VIP list.
-1514Active-passive and active-active-standard modes are not supported on the Xen server platform.
-1515The operation is not allowed in secondary mode.
-1516The active-passive with udp-tunnel type should be in Reverse Proxy mode.
-1517The ha-node is not supported by current HA network-type and platform.
-1518The Traffic Distribution is not supported by current network-type and platform.
-1519corefile-ha-failover must be disabled when enable-core-file is disabled.
-1520The interface of tunnel-local must be included in the ha-mgmt-interface.
-1521The old IPv4 address is being used by tunnel-local in HA.
-2001Your password must be at least 1 character long.
-2002Your password can not contain the following characters: ~ ! # % ^ & * + ` ’ |
-2003The password entries do not match.
-2004Invalid name.
-2007The password is not strong enough.
-2012
-2016Error missing disk.
-2025Duplicate IP address.
-2026The same Destination has already existed.
-2034CFG_ER_FILTER_TOO_LONG
-3000Internal error processing requested file.
-4001Invalid XPath expression.
-4003The request URL must start with ’/‘.
-4006Invalid suspicious URL.
-4007Signature update failed.
-4013This operation is not allowed under current system operation mode.
-4032Port 22/23/8/43/9 is used by other settings.
-4033Port is used by global conf sync.
-4202The name of virtual server has already existed.
-4303The IP address is already used by another virtual server.
-4304The virtual server IP address is the same as an IP address on a physical interface.
-4305When HA is turned on, it is only allowed to use interface IP on AWS platform.
-4401There are too many default HTTP content routing rules.
-5000Failed to delete this file. The connected user may not have permission.
-5001Failed to revert this file. The connected user may not have permission.
-5002Failed to recover this file. The connected user may not have permission.
-5003The selected file version is the same as the current version.
-5004Website is not connected.
-5005Failed to reset the web site. The connected user may not have permission.
-5006the selected site version is the same as the current version.
-5099Names can only contain A-Z, a-z, 0-9, _.
-5100Names can only contain A-Z, a-z, 0-9, _, and -.
-5101Schedule dates can only be 1-31.
-5102The report is protected because it is editable from the device. To edit it on FortiAnalyzer, disable report_protect option first.
-5103User can not modify report types from on-schedule to on-demand, and vice versa.
-5104The logo file name length should not exceed 63.
-5105The logo picture size should not exceed 400 x 400.
-5106Invalid logo file.
-5107Names can only contain A-Z, a-z, 0-9, _,., and -, but not include ., ..
-5200The renaming operation failed.
-5201The specified name has already existed.
-5202The specified name can only be a file name or directory name.
-5301You can create at most 10 post URL items.
-6000The Inline Protection Profile name has already existed.
-6001The Offline Protection Profile name has already existed.
-6003The Authentication Policy name has already existed.
-6004The scope of LDAP cache timeout is 0-3600.
-6005The Authentication Rule name has already existed.
-6006The HTTP Protocol Constraints name has already existed.
-6007The URL Rewriting Policy name has already existed.
-6008The item is already in the table.
-6009The URL Rewriting Rule name has already existed.
-6011The Hidden Fields Rule name has already existed.
-6012The Allow Method Exception name has already existed.
-6013The URL pattern has been used by a rule in the table.
-6014The IP has already existed in the table.
-6018This rule is in the list.
-6101The Brute Force Login name has already existed.
-6102The scope of standalone IP Access Limit is 0-10000.
-6103The scope of share IP Access Limit is 0-10000.
-6104The scope of Block Period is 1-10000.
-6105You must input a valid regular expression.
-6106The Input Rule name has already existed.
-6115You must input a valid regular expression.
-6117The type of default page can not be regular expression.
-6120The Custom Signature Group name has already existed.
-6121The Custom Signature name has already existed.
-6124The URL Access Rule name has already existed.
-6125The URL Access name has already existed.
-6126You cannot change the type of a used request.
-7000The Robot Control name has already existed.
-7004The Robot Group name has already existed.
-7007The item is already in the table.
-7100The URL Access name can not be null.
-7102The rule name is duplicate.
-7103The priority already exists.
-7106The condition already exists.
-7200The name of the pserver already exists.
-7201The IP address of the pserver is already in use.
-7202You must input a valid port.
-7203The name of server farm already exists.
-7204You must select a Physical Server.
-7205This server is already used in a server pool.
-7206The health check source IP must be specified.
-7207The health check must be specified.
-7210You must select a server farm.
-7212The same service port cannot be used for one Virtual IP twice.
-7213In TT mode, two policies can not set the same V-zone and same pserver.
-7214The protected server name already exists.
-7215The data type group name already exists.
-7216The suspicious URL rule already exists.
-7217You must select a data capture port.
-7218The server farm is used by another policy.
-7219The server farm has the same pserver and port as others.
-7220In TT mode, two policies can not set different v-zones whie the same pserver with different port.
-7221No web protection profile.
-7222Server pool size exceeds the limit.
-7238The server farm type does not match with the deployment mode.
-7239This HTTP content routing policy has been added to the server farm.
-7240The server pool type does not match with the deployment mode.
-7245The Custom Access Rule name already exists.
-7300The server farm name already exists.
-7301You must select a pserver.
-7302The server health check name already exists.
-7303The policy name already exists.
-7400Too many tasks waiting for processing.
-7514You must input a secondary secret.
-7525The host, request_file of the File Upload Restriction Rule already exist.
-7526The Allow Method Policy name already exists.
-7528The sync-type can be only partial_sync when system mode is Inline.
-7530The domain of the domain server is already in use.
-7532The object must be http-body when url-rewrite-rule action-type was http-body-rewrite.
-7533The object can not be http-body when url-rewrite-rule action-type wasn’t http-body-rewrite.
-7535Import failed: Some items have already existed in the system configuration.
-7536The host, request URL of the sub table entry have already existed.
-7537The platform version is not the same as the config file.
-7538Redirect URL input is invalid, and it can only contains A-Z, a-z, 0-9, _, :, /,[,],-and ..
-7539The object can not be http-reference when url-rewrite-rule action-type is http-header-rewrite.
-7540The object can not be http-location when url-rewrite-rule action-type is not location-rewrite.
-7541Invalid file format. The file type must be tar, .tar.gz, or .zip.
-7542File size exceeds the limit.
-7543The file must contain a HTML file named ‘index.html’.
-7545You can create at most 128 exception rules in the Signatures Rule of the same signature ID.
-7554The Custom Access Rule name can not be null.
-7555Only one condition can be configured per rule.
-7556You can not create the same Header name whether it is in a predefined or custom rule.
-7558Invalid password.
-7559The IP address is already in another exception rule.
-7600For WAD, at most 256 items can be created.
-7601Destination IP and gateway must be the same IPv4 or IPv6.
-7602Interface IP must be set.
-7603Source IP and gateway must be the same IPv4 or IPv6.
-7604A duplicate route setting already exists.
-7605The route policy priority already exists.
-7606The default gateway can not be set manually when interface is in DHCP mode.
-7610The bypass can not be enabled when system is in HA mode, RP mode, or Offline mode.
-7611’:’ input is invalid. Supported characters are 0-9 A-Z a-z _ . -
-7615All the enabled web cache policies exceed the maximum buffer size.
-7617You must save the server policy before adding HTTP Content Routing policies.
-7618You must select a SSL protocol.
-7620Image encoding failed.
-7622The number of tags can not exceed 32.
-7625VLANs are not supported on this aggregate device due to no available interface.
-7626You must input protocol for FortiGate integration.
-7627You must input schedule for fortiGate integration.
-7630The database file is empty.
-7631Connection failed.
-7632Socket error.
-7634Interfaces must not be in the same physical interface.
-7635Interface or VLAN is used by V-zone.
-7636Virtual server use-interface-ip status can not be changed when used by a policy.
-7637The service of this port is in use.
-7638The service used by a policy can not be edited.
-7639The service of this virtual IP is in use.
-7640The name can not be empty.
-7645Creating HSM failed.
-7646The imported HSM certificate is invalid.
-7647This partition is not assigned for the FortiWeb, please check the HSM.
-7648Destroying HSM failed.
-7649HSM config is not valid.
-7650Can not connect to server on this port, please check system router and network.
-7652Group dddress must be in the IP range 224.0.0.0~239.255.255.255.
-7653Invalid operator.
-7654MTU setting failed.
-7655Diagnosing HSM partition failed.
-7656The minimum port is larger than the maximum port.
-7659Invalid REST API request.
-7660This interface is managed by DPDK, please detach it from DPDK first.
-7661Capture port must be physical interface that is not used by VLAN.
-7662The condition is in the list.
-7663The URL request of the sub table entry already exists.
-7664The cookie name already exists.
-7665The interface is used by VLAN and MTU should be larger than its VLAN’s setting.
-7666The interface is used by VLAN and MTU should be smaller than its physical interface’s setting.
-7667The interface of VLAN can not set allowaccess in TTP and TI operation mode.
-7670The Custom Access Rule has exceeded the max length(1024).
-7671The URL Access Rule has exceeded the max length(1024).
-7672Internal error.
-7673Failed to process the upload file.
-7674Wrong protocol version setting for SSL in HTTP2.
-7675Wrong cipher setting for SSL in HTTP2.
-7676For TI and Offline pserver, certificate file must be set when SSL is enabled.
-7677The certificate can be included only in single OCSP stapling.
-7678The CA number in one CA file exceeds the limit.
-7679Invalid input format, only JPG format is supported.
-7680The length of input certificate content is too long.
-7681The HTTP header name already exists.
-7684The value of higher level must be larger than that of the lower level.
-7685Input secret is more than 128, and it will be cut off.
-7686The allowed value from URI must start with ‘http://’ or ‘https://‘.
-7687The input PIN-SHA256 should conform to valid base64 format.
-7688The report-uri must be set when report-only is enabled.
-7689PIN-SHA256 requires at least two pins, and requires at least one does NOT refer to a SPKI in current certificate chain.
-7690Status, type, and flag of a certificate can not be configured from CLI.
-7691The configuration of a certificate can not be changed from CLI except the comments.
-7692The maximum value should be larger than the minimum value.
-7693The sign CA must be selected when the Client Certificate Proxy is enabled.
-7694Invalid XML schema file.
-7695Duplicate XML schema file.
-7696Invalid XML WSDL file.
-7697Duplicate XML WSDL file.
-7699The time interval of auto confsync should not be shorter than 5 minutes.
-7700Header field check and HTTP method check can not be disabled at the same time.
-7701Duplicate namespace prefix.
-7702Namespace prefix has been used by element list.
-7703Prefix can only contain A-Z, a-z, 0-9, _, - and ., and it must start with _ or a letter.
-7704Duplicate XPath expression.
-7705Namespace prefix must be defined in namespace mapping.
-7706XML client certificate group must be selected when request operation includes sign verify.
-7707XML client certificate group must be selected when response operation includes encrypt or HMAC-SHA1 sign.
-7708XML server certificate must be selected when request operation includes decrypt.
-7709XML server certificate must be selected when response operation includes RSA-SHA1 sign.
-7711Failed to open file.
-7712Failed to decompress file.
-7713Failed to open directory.
-7714The contents of the extracted file don’t conform to specifications.
-7715The service of policy must be selected.
-7716The mode can not be changed between active-active-standard, active-passive, and active-active-high-volume.
-7717This interface is used in an aggregate. Please try another port.
-7718The end address of IP address range must be greater than the start address.
-7719The Translate to IP address must be set.
-7720This interface is used in a redundant configuration. Please try another port.
-7721This certificate is invalid.
-7722The multi-cert does not support OCSP stapling.
-7725The password of admin can not be changed.
-7726No parameter name is specified.
-7727No header field name is specified.
-7728You have enabled user access restrictions, but API key verificaiton is not enabled.
-7729You need to input valid URL expression.
-7730You need to input valid regular expression.
-7731Invalid UUID format.
-7732Invalid API key format.
-7733You must input HTTP host.
-7734Invalid format for URL frontend prefix.
-7735Invalid format for URL backend prefix.
-7736Failed to change UUID for API user.
-7737Failed to change API Key for the user.
-7738The format of HTTP attach header is invalid.
-7739Invalid format for URL
-7741Invalid format for parameters
-7742Invalid format for headers
-7743Invalid name for phantom token
-7744Invalid name for token
-7745Invalid format for header verification
-7746Invalid format for payload validation
-7747Invalid format for RSA key
-7801Getting site information table failed.
-7802Getting site tree root failed.
-7803The site has no record.
-7804Getting site child nodes failed.
-7811Operation failed.
-7812Malloc memory error.
-7813The parameter is not in running or testing state.
-7814Invalid parameter.
-7815The length of the password has exceeded the max length(15).
-7816Decrypting or encrypting data error, or unmatched Anomaly Detection data file is found.
-7817The parameter has been refreshed.
-7818Port1 should be in DHCP mode when HA is enabled on cloud platform.
-7819Failed to support multiple import tasks at the same time.
-7820Failed to import Anomaly Detection data.
-7821Unmatched Anomaly Detection data file found.
-7822Failed to support multiple export tasks at the same time.
-7823Failed to export Anomaly Detection data.
-7824All interfaces should be in static mode when HA is enabled in flat mode on KVM platform.
-7825Port1 should be in DHCP mode when HA is enabled in UDP tunnel mode on KVM platform.
-7826Failed to import bot detection data.
-7827Unmatched bot detection data file is found.
-7828Failed to export bot detection data.
-7829Decrypting or encrypting data error.
-7830Duplicate file type.
-7831These file names are not allowed: < > ( ) # |
-7832Unmatched bot detection data file is found under the current operation mode.
-7833The maximum number of parameters in URL has reached the limit.
-7834The maximum number of parameters in domain has reached the limit.
-7835Due to the limit of the domain count, imported Anomaly Detection data partly.
-7836Failed to import api learning data.
-7837Failed to export api learning data.
-7838Unmatched API learning data file found.
-7848Failed to resolve reference file.
-7849Failed to find reference file.
-7850Failed to find database file.
-7851Failed to find JSON file.
-7852Invalid JSON file.
-7853Parsing info object failed.
-7854Parsing server object failed.
-7855Parsing path file failed.
-7856YAML file does not exist.
-7857Invalid YAML file for OpenAPI.
-7858Creating database failed.
-7859The mode can not be active-active-standard when network-type is udp-tunnel on kvm platform.
-7860The multi cluster status should be unset first.
-7861HA entry already exists.
-7862Manager entry already exists.
-7863It is not allowed to configure this object in manager client mode.
-7864No available license for manager module.
-7865All interfaces should be in DHCP mode (IPv4) when the manager mode is enabled.
-7866The manager mode should be in RP mode.
-7870Address error.
-7871Server test error.
-7872Internal API error.
-7873Invalid credentials.
-7901Getting WVS policy status failed.
-7902Names can only contain space, A-Z, a-z, 0-9, _, -, and .
-7903Names can only contain A-Z, a-z, 0-9, _, -, and .
-7910For ADFS server, ADFS domain must be set.
-7911For ADFS server, ADFS username must be set.
-7912For ADFS server, SNI forward can’t be set.
-7913For ADFS server, the client certificate must be set.
-7950The country name is empty or wrong.
-7955Invalid JSON schema file.
-7956Duplicate JSON schema file.
-7960The interface name is too long to create VLAN; the length of the interface name should be less than 15 letters.
-7961Test sample failed.
-7970The IP address of VIP is already used by another VIP.
-7971The IP address you entered for this VIP is already occupied by an interface.
-7972The name format of the VIP is VIP+number, such as VIP1; only VIP1~VIP200 is supported.
-7973You can create at most 200 VIP items
-7974You can create at most 16 VIPs on a interface.
-7975When HA or manager cluster is turned on, it is not allowed to configure VIP on AWS platform.
-7976It is not allowed to configure VIP in TTP operation mode.
-7980The HSM partition is in use.
-7981Passwords of different partitions within the same HSM HA group must be identical.
-7982The HSM HA group must have at least one member.
-7990Only admin user can delete other users.
-7991Invalid private key file.
-8000The mobile API protection rule must be set.
-8001The rule has been selected.
-8010Token secret must be set when Mobile App Identification status is Enable.
-8011Getting the file content error.
-8012The imported file should not be empty.
-8014
-8015Malloc failed.
-8016Invalid start IP.
-8017Invalid end IP.
-8018Invalid CIDR.
-8019Start IP is larger than then end IP.
-8020IP range duplicate.
-8021Invalid UUID format.
-8022The host can not be NULL.
-8023The value of inactive time is invalid. Please input <1 - 180 minutes> or <1 - 24 hours>.
-8024The value of expire time is invalid. Please input <1 - 180 minutes> or <1 - 24 hours>.
-8025The path must start with ’/‘.
-8026The bypass URL must start with ’/‘.
-8030The URL encryption rule must be set.
-8031The rule has been selected.
-8037Adom user can not change accprof.
-8038Adom user can not change adom.
-8039Admin user’s accprof should be prof_admin.
-8040Only admin user can change accprof to prof_admin.
-8041User can not delete himself.
-8042Only admin user can change other users’ configuration.
-8043The external IP address must be set.
-8044The mapped IP address must be set.
-8045The FWMARK Policy mark already exists.
-8046HTTP2 with URL based certificate verification is not supported.
-8047The IP range includes interface address.
-8048The external address/range can not include the ingress interface address.
-8049The mapped address/range can not include any interface address.
-8050The IP range includes VIP address.
-8051Conflicted with the external IP address for DNAT rules.
-8052Conflicted with the mapped IP address for DNAT rules.
-8053The Redis service is out of memory.
-8054The attack type must be set.
-8055You can create at most 128 exception rules of the same attack type.
-8056The total port range can not be more than 8.
-8057The port range can not cover each other.
-8058The total port number can not be more than 128.
-8059The protocol does not support port range.
-8085The mode can not be active-active-standard on cloud platform.
-8086Port1 should be in DHCP mode on cloud platform.
-8087Failed to create intferface on cloud paltform.
-8088Interface mode is not allowed to modify on OCI platform.
-8089The duplicate domain name has been configured.
-8095Another wildcard admin user has existed in system.
-8096Unsupported cipher in FIPS ciphers mode.
-8097Unsupported certificate in FIPS ciphers mode.
-8098Unsupported ssl protocol version in FIPS ciphers mode.
-8100Current mode is WCCP,cannot disable wccp-mode switch.if needed please change to other mode first.
-8101The private key or certificate files of the local certificate is not generated yet.
-8109The header type is not supported in request action.
-8110The custom value cannot be empty.
-8111The JWK kty is unknown type.
-8112Please set JWK secret for Octet key type.
-8113The modulus/exponent is invalid for RSA key type.
-8114The x/y/crv is invalid for EC key type.
-8115The X.509 Certificate SHA-1/SHA-256 Thumbprint base64url decode error.
-8116The scope field must contain ‘openid’.
-8130Getting domain url list failed.
-8131HSM server with the same name already exists.
-8132Only one partition is allowed under HSM non-HA mode.
-8133Only one server is allowed under HSM non-HA mode.
-8134Failed to delete HSM HA group.
-8135Failed to add new member to HSM HA group.
-8136Failed to synchronize HSM HA group.
-8137Failed to get HSM partition slot id.
-8138Failed to add HSM partition.
-8139Failed to change Luna Client config file.
-8140You must create an HSM HA group containing 2 members firstly.
-8150The link cloaking rule must be set.
-8151The rule has been selected.
-8210Error build connection.
-8211Error sending message.
-8212Error recving message.
-20000The REST API has no URL in environment variable.
-20001The REST API has invalid URL.
-20002The REST API is not authenticated in environment variable.
-20003The REST API authentication failed.
-20004The REST API has no method in environment variable.
-20005The REST API has invalid HTTP method.
-20006The REST API has no argument in environment variable.
-20007The REST API has invalid argument.
-20008The REST API has no client address in environment variable.
-20009The REST API has no free memory.
-20010The license of peer VM FortiWeb is not valid.
-20011The REST API has invalid multipart/form-data format.
-20012The REST API can’t get signature rule by the signature name.
-20013The REST API failed to do signature query.
-20014The REST API has no HTTP body.
-20015Backup file does not exist.
-20016Duplicate local backup file.
-20017At least one SSL version needs to be configured.
-20018OCI Connector is not supported in pserver list.
-20019Could not decrypt certificate/private key. Please verify that you have the correct password.
-20020The certificate does not match any private key generated on FortiWeb. Please verify that you have the correct certificate file.
-20021Let’s Encrypt certificate is used by some object.
-20022Private data encryption key is not the correct format..
-20023The number of member in this group is 0
-20024True Transparent proxy with HA active-active-standard doesn’t support Server Pool Health Check.
-20025Unable to download due to size
-20026The name of the local certificate has exceeded the maximum length(192).
-20027The REST API read statistic database error.
-20028Names can only contain A-Z, a-z, 0-9, _, and -. ():
-20029You need to disable shell access before mod. the username or passowrd of shell acess.
-20030The username of admin is conflict with the one for shell access.
-20031When Ignore-X-Forwarded-For is enabled, action Redirect and Send 403 Forbidden are not supported.
-20032The input is duplicated. Nothing is updated.
-20033The REST API failed to save data.
-20034The maximum no of pairs of filter has been reached.
-20035Failed to upload file because the application key is duplicate.
-20036This file type is predefined, please config it by Predefined File Types.
-20037Filter length exceeds limitation.
-20038Host can have at most one wildcard.
-20039At least one method should be checked.
-20040At least one protocol should be checked.
-20041It is duplicate EMS server.
-20042The ZTNA should be in Reverse Proxy mode.
-20043When Data Type is Hex-array, Operation must be Equal.
-20044Invalid length of Hex array.
-20045Invalid Hex array.
-20046In FIPS mode, RSA key generation refuses to create and use a key with a keysize of less than 2048 bits and SHA-1 digest algorithm may not be used
-20047FDS update in progress, try again later
-20048The health check group id must be different in master or slave role
-20049The health check of master role only refer to one server pool
-20050Pserver do not refer to master/slave role health
-20051Pservers have same ip address in server pool which use master role health
-20052Please select a CA certificate.
-20053RFC7919 compliance is enabled, but no DHE cipher suites are selected.
-20054RFC7919 compliance is enabled, but no FFDHE group is selected.
-20055Can’t be moved in pre-defined rules.
-20056Invalid args in REST API request.
-20057FTC login system error.
-20058Please check the internet connection to FTC.
-20059Invalid FTC packet received.
-20060Incorrect account or password.
-20061Invalid gRPC IDL file.