Shared secret lost
Article ID: 132091
Updated On:
Products
CA Identity Manager
CA Identity Governance
CA Identity Portal
Issue/Introduction
When starting Identity Manager errors are produced reporting mismatched secret passwords (see below)
There was an error in Decrypting the inbound payload from the provisioning server. This could be due to mismatched shared secrets.
etatrans:
20190227:103728:TID=650b70:EtaServer :----:----:I: Retrieving common BLS Connectivity Configuration
etanotify:
20190227:103728:TID=650b70:I: =================================================
20190227:103728:TID=650b70:I: START: Notify Batch Processing
20190227:103728:TID=650b70:I: Sending Notification: eTNotifyOpID=ef0eb168-ceef-1038-9e21-cd2297e3498e
20190227:103728:TID=650b70:I: Event: Resume_Account (eTDYNAccountName=98773208)
20190227:103728:TID=650b70:I: SeqNo: 0000000004
20190227:103728:TID=650b70:I: Try sending payload to http://10.17.1.13:8080/iam/im/ETACALLBACK/?env=identityEnv
20190227:103728:TID=650b70:E: ERROR: There was an error in Decrypting the inbound payload from the provisioning server. This could b
20190227:103728:TID=650b70:E:+e due to mismatched shared secrets.
20190227:103728:TID=650b70:E: Error in notification processing: Reason: Operation failed. ERROR: IMS was not able to consume the not
20190227:103728:TID=650b70:E:+ification successfully.
There was an error in Decrypting the inbound payload from the provisioning server. This could be due to mismatched shared secrets.
etatrans:
20190227:103728:TID=650b70:EtaServer :----:----:I: Retrieving common BLS Connectivity Configuration
etanotify:
20190227:103728:TID=650b70:I: =================================================
20190227:103728:TID=650b70:I: START: Notify Batch Processing
20190227:103728:TID=650b70:I: Sending Notification: eTNotifyOpID=ef0eb168-ceef-1038-9e21-cd2297e3498e
20190227:103728:TID=650b70:I: Event: Resume_Account (eTDYNAccountName=98773208)
20190227:103728:TID=650b70:I: SeqNo: 0000000004
20190227:103728:TID=650b70:I: Try sending payload to http://10.17.1.13:8080/iam/im/ETACALLBACK/?env=identityEnv
20190227:103728:TID=650b70:E: ERROR: There was an error in Decrypting the inbound payload from the provisioning server. This could b
20190227:103728:TID=650b70:E:+e due to mismatched shared secrets.
20190227:103728:TID=650b70:E: Error in notification processing: Reason: Operation failed. ERROR: IMS was not able to consume the not
20190227:103728:TID=650b70:E:+ification successfully.
Cause
It is possible for the passwords can fall out of sync.
Environment
CA Identity Manager 14.x
Resolution
The password used by Provisioning Server to encrypt the notification and sent to Identity Manager is part of BLS Connectivity Configuration(eTConfigPayload attribute). This can be updated either by Provisioning Manager or Identity Manager.
Via the Identity Manager (IM) user console "System->Secret Keys" screen
or
Via the Provisioning Sever "System -> Identity Manager Setup - > Shared Secret" screen
Try changing the password on the provisioning server and wait for it to be read by IM.
Via the Identity Manager (IM) user console "System->Secret Keys" screen
or
Via the Provisioning Sever "System -> Identity Manager Setup - > Shared Secret" screen
Try changing the password on the provisioning server and wait for it to be read by IM.
Feedback
Powered by
