ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

ERROR [com.netegrity.crypto.AESCBCPKCS5PaddingHandler] (MSC service thread 1-2) Keyfile '/com/netegrity/config/keys/FIPSkey.dat' not found. Unable to get secret key: /com/netegrity/config/keys/FIPSkey.dat (No such file or directory)

book

Article ID: 199829

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

After IDM upgrade from 14.1 to 14.3, we are seeing the following error in the server.log file.


12:53:42,656 ERROR [com.netegrity.crypto.AESCBCPKCS5PaddingHandler] (MSC service thread 1-2) Keyfile '/com/netegrity/config/keys/FIPSkey.dat' not found. Unable to get secret key: /com/netegrity/config/keys/FIPSkey.dat (No such file or directory)
12:53:42,656 ERROR [com.netegrity.crypto.AESCBCPKCS5PaddingHandler] (MSC service thread 1-6) Keyfile '/com/netegrity/config/keys/FIPSkey.dat' not found. Unable to get secret key: /com/netegrity/config/keys/FIPSkey.dat (No such file or directory)
12:53:42,657 ERROR [com.netegrity.crypto.AESCBCPKCS5PaddingHandler] (MSC service thread 1-7) Keyfile '/com/netegrity/config/keys/FIPSkey.dat' not found. Unable to get secret key: /com/netegrity/config/keys/FIPSkey.dat (No such file or directory)
12:53:42,657 ERROR [com.netegrity.crypto.AESCBCPKCS5PaddingHandler] (MSC service thread 1-6) Exception caught while decrypting.
12:53:42,657 ERROR [com.netegrity.crypto.AESCBCPKCS5PaddingHandler] (MSC service thread 1-7) Exception caught while decrypting.

 

Environment

Release : 14.3

Component : CA IDENTITY SUITE (VIRTUAL APPLIANCE)

Resolution

During the prior installation, you most  likely specified the FIPS key location as a location other than the default.

 The 14.3 upgrade installer looked for the FIPSKey.dat file in the default location.

Either create a soft link to the actual fips key file, to the default location below, or move the FIPSkey.dat file to the default location:

/com/netegrity/config/keys/FIPSkey.dat