Issue using store passwords
search cancel

Issue using store passwords

book

Article ID: 194835

calendar_today

Updated On:

Products

CA API Gateway API SECURITY CA API Gateway Precision API Monitoring Module for API Gateway (Layer 7) CA API Gateway Enterprise Service Manager (Layer 7) STARTER PACK-7 CA Microgateway

Issue/Introduction

I am using a variable called ${secpass.jwe_pwd.plaintext} to get the content of the password jwe_pwd
The Decode JSON WEb token fails if I use the variable and it works if I use an hardcoded password.

It seems the Decode Json Web token assertion doesn't recognize the content of the variable correctly.

Environment

Release : 9.x

Component : API GATEWAY

Cause

the error reported in the env where the decode JWT assertion is not working is:

2020-05-28T15:53:18.445+0200 WARNING 1020 com.l7tech.external.assertions.jwt.server.ServerEncodeJsonWebTokenAssertion: 10808: Invalid key for dir with A128CBC-HS256, expected a 256 bit key but a 264 bit key was provided.

Resolution

The error would indicate there is something added to the password :  expected a 256 bit key but a 264 bit key was provided.

When using copy and paste the password the error occurs , after typing it the problem did not occur .
Make sure the copied password has no additional BLANKS, CR or LF at the end .
Due to the masking you will not see this 

 

Powered by Wolken Software