Look in the server log file (or ask the server administrator to do so for you, but since this is 'localhost', presumably that is you). The message returned to the client it intentionally vague, to avoid leaking information to an attacker. The server log file will have more details.