Error "WARN - Invalid cookie header"
Mar 9, 2026
Okta Classic Engine
Multi-Factor Authentication
Okta Identity Engine
Overview
This article addresses the situation in which, in the RADIUS logs, there is constantly a warning for an invalid cookie header, as follows:
WARN - Invalid cookie header: "set-cookie: sid="";Version=1;Path=/;Max-Age=0;Expires=Thu, 01 Jan 1970 00:00:00 GMT". Invalid 'expires' attribute: Thu, 01 Jan 1970 00:00:00 GMT
Applies To
- RADIUS
- Invalid cookie header
- Multi-Factor Authentication (MFA)
Cause
The Desktop VPN client that is in use is clearing session cookie data for security purposes. The invalid header is due to the cookie's expiry date being in the past, which is common practice when trying to erase the cookie information.
Solution
This warning can be ignored, as it does not affect the ability to authenticate via RADIUS in any way.
