eSeal error codes

Sample error response

<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV=>
        <dss:SignResponse xmlns:dsig= xmlns:css= xmlns:dss= xmlns:xades= Profile="urn:safelayer:tws:dss:1.0:profiles:pades:1.0:sign" RequestID="b22c97c6117fc3386f81" >
                <dss:ResultMessage>The key specified in the KeySelector element was not found. Cannot sign - (10408)</dss:ResultMessage>

"ResultMinor" will be returned part of the response only if there is an error in the transaction

ResultMinor Codes


urn:oasis:names:tc:dss:1.0: resultminor:NotAuthorized

The requester or the requested party is not

authorized to perform this operation.

urn:oasis:names:tc:dss:1.0: resultminor:NotSupported

The server does not recognize or support some aspect of the


urn:safelayer:dss:1.0: resultminor:PolicyViolation

The server cannot process the request owing to a service policy violation.


Signer's certificate not found in the signature or in the verification


urn:oasis:names:tc: dss:1.0:resultminor:NotSupported

The server cannot process the content of a valid element in the request owing to an unexpected error.

The dss:ResultMessage

element can include lower level information on the reasons for the error.

urn:safelayer:dss:1.0: resultminor:SigningError

The input data and parameters are correct, but the server cannot generate the signature requested owing to an unexpected error.

The dss:ResultMessage element can include lower level information on the reasons for the


urn:oasis:names:tc:dss:1.0:resultminor: ValidSignature_OnAllDocuments

The signature or time- stamp is valid and includes all the input documents indicated in

the request.

urn:oasis:names:tc:dss:1.0:resultminor: ValidSignature_NotAllDocuments

There are multiple signatures or time- stamps but not all are


urn:oasis:names:tc:dss:1.0:resultminor: IncorrectSignature

The signature cannot be verified (the

<dss:ResultMessage> that comes with this result indicates the

causes of the error)

urn:safelayer:dss:1.0: resultminor: IncorrectKeySelected

Signature not generated owing to the selection of an invalid key.

urn:safelayer:dss:1.0: resultminor: IncorrectAlgorithmIdentifier

The selected signature algorithm is not supported.

urn:safelayer:dss:1.0: resultminor: IncorrectFormatInData

Incorrect input data.

urn:safelayer:tws:dss:1.0: profiles:resultminor: UntrustedKey:CA

The signed message has not been modified but the signature key is not trusted (because the certification chain could not be built or because the CA certificate is not


urn:safelayer:tws:dss:1.0: profiles:resultminor: UntrustedKey:Validity

The signed message has not been modified and the certification chain is

trusted. However, the signature key is not trusted because the certificate has expired and it cannot be verified that the signature was generated when the certificate was valid.

urn:safelayer:tws:dss:1.0: profiles:resultminor: UntrustedKey:Status

The signed message has not been edited, the certification chain is trusted and the signature was generated with a valid certificate. However, the server could not verify that the signature key was valid. Either because the status information indicates that the signature was invalid or because the status information could not be queried.


<xades:RevocationValu es> element of the XML message contains further information on

the certificate's status.

urn:safelayer:tws:dss:1.0: profiles:resultminor: IncorrectArchiveSignature

The archive signature cannot be verified (the

<dss:ResultMessage> element indicates the causes of the error).

urn:safelayer:tws:dss:1.0:profiles:resultminor:UntrustedKey:GoodWit hNoInfo

The signed message has not been edited, and the signature key is trusted. However, the status of all the certificates in the certification chain cannot be determined owing to a lack of revocation information in the long-term signature.

Last updated