search cancel

Shared secret lost


Article ID: 132091


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal


When starting Identity Manager errors are produced reporting mismatched secret passwords  (see below)

There was an error in Decrypting the inbound payload from the provisioning server. This could be due to mismatched shared secrets. 


20190227:103728:TID=650b70:EtaServer :----:----:I: Retrieving common BLS Connectivity Configuration 


20190227:103728:TID=650b70:I: ================================================= 
20190227:103728:TID=650b70:I: START: Notify Batch Processing 
20190227:103728:TID=650b70:I: Sending Notification: eTNotifyOpID=ef0eb168-ceef-1038-9e21-cd2297e3498e 
20190227:103728:TID=650b70:I: Event: Resume_Account (eTDYNAccountName=98773208) 
20190227:103728:TID=650b70:I: SeqNo: 0000000004 
20190227:103728:TID=650b70:I: Try sending payload to 
20190227:103728:TID=650b70:E: ERROR: There was an error in Decrypting the inbound payload from the provisioning server. This could b 
20190227:103728:TID=650b70:E:+e due to mismatched shared secrets. 
20190227:103728:TID=650b70:E: Error in notification processing: Reason: Operation failed. ERROR: IMS was not able to consume the not 
20190227:103728:TID=650b70:E:+ification successfully. 


CA Identity Manager 14.x


It is possible for the passwords can fall out of sync.


The password used by Provisioning Server to encrypt the notification and sent to Identity Manager is part of BLS Connectivity Configuration(eTConfigPayload attribute). This can be updated either by Provisioning Manager or Identity Manager.

Via the Identity Manager (IM) user console "System->Secret Keys" screen


Via the Provisioning Sever "System -> Identity Manager Setup - > Shared Secret" screen

Try changing the password on the provisioning server and wait for it to be read by IM.