apply - Apply the new setting
apply [report | force | cancel]
The execution of different configuration commands does not immediately affect the running system. To take effect, a new configuration should be applied to the system. The apply command allows you to apply a new configuration to the system. In the other hand the apply command replace the running configuration with a new configuration. The apply operation is asynchronous (you are not blocked during its execution).
Note that during the apply operation, new modification of the configuration is not always guaranteed (Use the command conf diff after the termination of the apply operation to display differences between the running and the new configuration).
The optional report keyword allows you to display a system report on the last apply command. Without the optional argument force the user is invited to confirm the apply operation. The optional argument force allows you to bypass this confirmation.
When a configuration command is used to display a parameter, it always show both the running (current) and the new (net yet applied) configuration. The command conf allows you to display the configuration for all parameters.
Finally, the optional argument cancel allows you to cancel (abort) the running apply operation and get the initial configuration before launching the apply command. However, the following setting cannot be cancelled: settings that depend on the content of external files (for instance custom WAF rules), generated SSL certificates and administrators passwords. Note that some sub-operations attached to the apply program cannot be cancelled immediately. CAUTION: aborting some operations such as downloading the antivirus signatures may let the system in an inconsistent state. That’s why the cancellation of an apply operation should always be followed by a new apply operation.
Please note that you have to wait for the termination of other asynchronous commands before running the apply command.
Before being applied to the system, the apply command verifies the integrity of the new configuration as a whole to make sure that all new parameters are both compatible. After this step and if all goes well, the apply operation is launched. The report mentioned above may produce some errors in different context. Meaningful errors are as follows:
[ Antivirus signature base update context ]:
• Error 58: can’t read databases from remote servers.
• Error 59: Remote servers are not fully synchronized (try again later).
• Error 101-109: can’t resolve remote servers names.
[ Antivirus white list integration context ]:
• Error 11: the antivirus white list is not in a gzip compressed format.
• Error 13: can’t uncompress the antivirus white list.
• Error 15: the antivirus white list contains invalid entries.
• Error 17: can’t compile the antivirus white list.
• Error 19: can’t integrate the antivirus white list.
• Error 21: can’t reload the antivirus DB files.
[ Appliance and license registration context ]:
• Error 2: failed to initialize.
• Error 6: couldn’t resolve host. The given remote host was not resolved.
• Error 7: failed to connect to host.
• Error 22: HTTP page not retrieved. The requested url was not found or returned another error with the HTTP error code being 400 or above.
• Error 26: read error. Various reading problems.
• Error 27: out of memory. A memory allocation request failed.
• Error 28: operation timeout. The specified timeout period was reached according to the conditions.
• Error 33: HTTP range error. The range "command" didn’t work.
• Error 34: HTTP post error. Internal post-request generation error.
• Error 35: SSL connect error. The SSL handshaking failed.
• Error 42: aborted by callback. An application told to abort the operation.
• Error 47: too many redirects. Hit the maximum amount when following redirects.
• Error 51: the peer’s SSL certificate or SSH MD5 fingerprint was not ok.
• Error 52: the service service didn’t reply anything, which here is considered an error.
• Error 53: SSL cryptographic engine not found.
• Error 54: cannot set SSL cryptographic engine as default.
• Error 55: failed sending network data.
• Error 56: failure in receiving network data.
• Error 58: problem with the local certificate.
• Error 59: couldn’t use specified SSL cipher.
• Error 60: peer certificate cannot be authenticated with known CA certificates.
• Error 61: unrecognised transfer encoding.
• Error 65: sending the data requires a rewind that failed.
• Error 66: failed to initialise SSL Engine.
• Error 75: character conversion failed.
• Error 76: character conversion functions required.
• Error 78: the resource referenced in the URL does not exist.
• Error 80: failed to shut down the SSL connection.
• Error 83: issuer check failed.
• Error 100: the registration service returned a non digit value code.
• Error 111-129: the appliance has sent an illegal appliance registration request.
• Error 139: an invalid email address has been used to register the appliance.
• Error 141-145: the appliance registration service is unavailable at this moment.
• Error 151: the appliance registration service returned an unknown state.
• Error 153: the transmitted OTP is not valid.
• Error 155: the OTP is transmitted by an IP address which is not allowed to register this appliance.
• Error 157: the appliance has never been registered.
• Error 159: an invalid passphrase has been transmitted by an already registered appliance.
• Error 161: the appliance has been already registered.
• Error 169: the appliance registration service returned an unknown code.
• Error 170-172: the registration service returned non conform values.
• Error 180: can’t add the S/N account.
• Error 211-228: the appliance has sent an unauthorized license registration request.
• Error 241-245: the license registration service is unavailable at this moment.
• Error 251: can’t register a license key for an unregistered appliance.
• Error 253: the appliance can’t be authenticated.
• Error 255: the license key is not intended to be install on this appliance for capacity incompatibility reasons.
• Error 257: the license key is revoked.
• Error 259: the license key has been already registered for another appliance.
• Error 261: can’t register the license key because no subscription exists for it.
• Error 263: the subscription associated to the license key has been canceled.
• Error 265: the subscription associated to the license key has been disabled.
• Error 267: the subscription associated to the license key is in an unkown state.
• Error 279: the license key registration service returned an unknown code.
• Error 300: the registration service returned an unknown state value.
[ Checking the RAM capacity ]:
• Error 1: the RAM capacity of the appliance is not enough to simultaneously activate all configured features. This error is encountered because either some warnings have been ignored during the OS installation or the RAM capacity of the appliance has been reduced after the installation. To avoid this error you can either deactivate some RAM consuming features (like the caching, antivirus or compression) or upgrade the RAM capacity of your appliance. Also if you encounter this error because you activated the caching mode, you have the possibility to reinstall the OS and reduce the HDD capacity usage during the installation.
[ Custom WAF rules compilation context ]:
• Error 10: the maximum number of WAF rules per reverse website has been reached during a WAF rule compilation. In case the maximum number is reached, the compilation stops and rules limited to that maximum number are applied. Please note that this error should not occur in normal situation as the maximum number of WAF rules is verified during the WAF rules loading (see the command waf).
[ License key checking context ]:
• Error 11: the appliance is not yet registered and therefore does not have a S/N.
• Error 13: the specified license key is not valid.
[ SSL Mediation exceptions list compiling context]:
• Error 11: can’t convert the domain name list to dump format.
• Error 13: can’t convert the domain name list to db format.
• Error 15: can’t dump a URL list in db format.
• Error 17: can’t convert a URL list from dump format to db format.
• Error 19: can’t convert an exceptions list form db format to a flat format.
• Error 21: can’t remove subdomains from the exceptions list.
[ System restore operation context ]:
• Error 11: backup file corrupted.
• Error 19: can’t restore and old generation backup.
• Error 21: can’t restore a backup in another OS version.
• Error 23: can’t restore a backup of another appliance model on this system.
[ System patch version matching context ]:
• Error 11-13: internal error during version matching verification.
• Error 15: the patch is not adequate.
[ System patch unpacking context ]:
• Error 11: the patch is not in a compressed format.
• Error 21: the patch is not in an archive format.
• Error 27: patch signature verification failed.
• Error 41: CPU architecture mismatch.
[ System patch applying context ]:
• Error 11: internal error in pre installation program.
• Error 13: internal error during patched component installation.
• Error 15: internal error in post installation program.
[ TLS component installation context ]:
• Error 10: can’t read a non plain text file.
• Error 11: can’t install a chain certificate without a related public certificate.
• Error 12: can’t install a duplicated third party CA certificate.
• Error 21: the verification of a chain certificate has failed.
• Error 23: the chain certificate is not valid.
• Error 30: can’t install an encrypted private key.
• Error 31: can’t install a private key without a related public certificate.
• Error 33: the verification of a private key has failed.
• Error 35: a private key is not valid.
• Error 40: a CA certificate has been expected while the loaded certificate is not a CA certificate.
• Error 41: can’t install a public certificate without a related private key.
• Error 43: the private key and public certificate don’t match.
• Error 45: the private key and chain certificate don’t match.
• Error 47: can’t extract certificate information.
• Error 51: can’t convert a root CA certificate from PEM format to DER format.
[ TLS component generation context ]:
• Error 13: can’t generate the private key for a certificate configuration.
• Error 15: can’t generate the CSR for a certificate configuration.
• Error 17: can’t update the signature index while signing a certificate.
• Error 18: can’t convert a public certificate from PEM format to DER format.
• Error 19: can’t sign a certificate with the root CA.
• Error 21: can’t generate the self signed certificate for a certificate configuration.
[ URL list building/updating context ]:
• Error 7: url list signature verification failed.
• Error 9: the url list is not in a gzip compressed format.
• Error 13: can’t uncompress the url list.
• Error 15: the uncompressed url list is not an ASCII file.
• Error 17: can’t create the new url list.
• Error 19: url list update failed because it has never been created before.
• Error 21: can’t apply the url list update.
cancel (1) conf (1)
CacheGuard Technologies Ltd <www.cacheguard.com>
Send bug reports or comments to the above author.
Copyright (C) 2009-2018 CacheGuard - All rights reserved