search cancel

API Gateway: Expedited Appliance Upgrade DB Password Encryption error

book

Article ID: 112654

calendar_today

Updated On:

Products

CA Rapid App Security API SECURITY CA API Gateway

Issue/Introduction

The customer used the Expedited Appliance Upgrade procedure as outlined in our documentation. 


Although the database upgrade utility reports: "The database was successfully upgraded", the gateway will not start. 
The gateway log file SSG logs show  the following error: 

**** Unable to start the server: Error starting server : Error creating bean with name 'zoneUpdateSecurityChecker': Injection of autowired dependencies failed; nested exception is org.springframework.beans.factory.BeanCreationException: Could not autowire field: private com.l7tech.server.EntityFinder com.l7tech.server.security.rbac.ZoneUpdateSecurityCheckerImpl.entityFinder; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'entityCrud' defined in class path resource [com/l7tech/server/resources/ssgApplicationContext.xml]: Cannot resolve reference to bean 'federatedUserManager' while setting constructor argument with key [9]; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'federatedUserManager' defined in class path resource [com/l7tech/server/resources/ssgApplicationContext.xml]: Cannot resolve reference to bean 'clientCertManager' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientCertManager' defined in class path resource [com/l7tech/server/resources/ssgApplicationContext.xml]: Cannot resolve reference to bean 'defaultKey' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'ssgKeyStoreManager' defined in class path resource [com/l7tech/server/resources/ssgApplicationContext.xml]: Cannot resolve reference to bean 'dbPasswordEncryption' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'dbPasswordEncryption' defined in class path resource [com/l7tech/server/resources/ssgApplicationContext.xml]: Cannot resolve reference to bean 'clusterSharedKey' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clusterSharedKey' defined in class path resource [com/l7tech/server/resources/ssgApplicationContext.xml]: Invocation of init method failed; nested exception is com.l7tech.objectmodel.FindException: could not decrypt shared key: Given final block not properly padded. Such issues can arise if a bad key is used during decryption. 

Environment

Expedited Appliance Upgrade

Resolution

Apply the following solution to resolve this problem:

1. Copy the /opt/SecureSpan/Gateway/node/default/etc/conf/node.properties file from the old gateway to the newly expedited gateway.                         

2. Modify the Listening Ports via MySQL to enable the Gateway to start properly: 
mysql> SELECT c.name, c.port, cp.name, cp.value FROM connector c, connector_property cp WHERE cp.connector_goid = c.goid and cp.name="bindAddress"; 
mysql> UPDATE connector_property SET value= '<New Gateway IP-address>' WHERE name='bindAddress' and value='<Old Gateway IP-address>';