This certificate or one of the certificates in the certificate chain is not time valid.

Certificates in the chain are not properly time nested. Deprecated.

Trust for this certificate or one of the certificates in the certificate chain has been revoked.

The certificate or one of the certificates in the certificate chain does not have a valid signature.

The certificate or certificate chain is not valid for its proposed usage.

The certificate or certificate chain is based on an untrusted root.

The revocation status of the certificate or one of the certificates in the certificate chain is unknown.

One of the certificates in the chain was issued by a certification authority that the original certificate had certified.

One of the certificates has an invalid extension.

The certificate or one of the certificates in the certificate chain has a policy constraints extension, and one of the issued certificates has a disallowed policy mapping extension or does not have a required issuance policies extension.

The certificate or one of the certificates in the certificate chain has a basic constraints extension and either the certificate cannot be used to issue other certificates or the chain path length has been exceeded.

The certificate or one of the certificates in the certificate chain has an invalid name constraints extension.

The certificate or one of the certificates in the certificate chain has a name constraints extension containing unsupported fields.

The certificate or one of the certificates in the certificate chain has a name constraints extension and a name constraint is missing for one of the name choices in the end certificate.

The certificate or one of the certificates in the certificate chain has a name constraints extension and there is not a permitted name constraint for one of the name choices in the end certificate.

The certificate or one of the certificates in the certificate chain has a name constraints extension and one of the name choices in the end certificate is explicitly excluded.

The certificate chain is not complete.

A CTL used to create this chain was not time valid.

A CTL used to create this chain did not have a valid signature.

A CTL used to create this chain is not valid for this usage.

The revocation status of the certificate or one of the certificates in the certificate chain is either off-line or stale.

The end certificate does not have any resultant issuance policies, and one of the issuing CA certificates has a policy constraints extension requiring it.

The certificate chain contains a certificate with unsupported signature hash algorithm (usually SHA-2) or unsupported key algorithm (usually ECDSA).

Unknown error.

A path length constraint in the certification chain has been violated.

A certificate contains an unknown extension that is marked critical.

A certificate chain is invalid, such as an certificate's Issuer not matching the CA's Subject or an certificate's AKI not matching the CA's SKI.

The certificate's CN name does not match the passed value.

The certificate was explicitly marked as untrusted by the user or CA.

A certificate or CRL is malformed.

There might be more errors apart from those reported.

Certificate uses algorithm which is not considered secure on this platform.

Certificate is not trusted.