Error : Error creating JSAFE_PrivateKey object when certificate import
search cancel

Error : Error creating JSAFE_PrivateKey object when certificate import

book

Article ID: 234667

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

 

When running an AdminUI, when trying to display the certificates, the
AdminUI reports error :

server.log :

  2022-01-26 08:14:54,632 ERROR [stderr] (default task-44)
  com.netegrity.smkeydatabase.db.SmCertificateDataStoreException:
  Error creating JSAFE_PrivateKey object.
  
  2022-01-26 08:14:54,633 ERROR [stderr] (default task-44) at
  com.netegrity.smkeydatabase.db.xps.XPSCertificateDataStoreUtil.convertToPrivateKey(XPSCertificateDataStore
  
  2022-01-26 08:14:54,640 ERROR [stderr] (default task-44) Caused by:
  java.lang.IllegalArgumentException: derData array length should be
  less than 8

 

Environment

 

  AdminUI 12.8SP1 on RedHat 7;
  Policy Server 12.8SP1 on RedHat 7;
  Policy Store on CA Directory 12.6SP4 ...[Out of Support];

 

Cause

 

From the Policy Store export, the defaultenterpriseprivatekey
certificates has many xpsNumber associated, as it should have only 1.
  
pstore.xml
    
        <Object Class="CA.CDS::Certificate" Xid="CA.CDS::Certificate@00016d8e-sw52-1a0e-93c9-01060a06f0b4"
         CreatedDateTime="2020-01-03T15:28:56" UpdatedBy="XPSDictionary::Import" UpdateMethod="Internal" ExportType="Replace">
            <Property Name="CA.CDS::Certificate.Alias">
                <StringValue>defaultenterpriseprivatekey</StringValue>
    

pstore.ldif


    
  dn: xpsNumber=1422022968,ou=XPS,ou=PolicySvr4,ou=SiteMinder,ou=Netegrity,dc=
   training,dc=com
  xpsGUID: 00016d8e-sw52-1a0e-93c9-01060a06f0b4
  xpsSortKey: 2-0000006332
  xpsUpdateBy: XPSDictionary::Import
  xpsUpdateMethod: 1
  xpsProperty: 800545943[1]S=defaultenterpriseprivatekey
  xpsProperty:: MjY3NDcwMjg0WzFdUz1NSUlGcnpDQ0JSaWdBd0lCQWdJS0g4OENQUUFHQUFJS0
   lUQU5CZ2txaGtpRzl3MEJBUVVGQURCTU1STXcKRVFZS0NaSW1pWlB5TEdRQkdSWURiR0Z1TVJnd
  [...]
  dn: xpsNumber=1008575218,ou=XPS,ou=PolicySvr4,ou=SiteMinder,ou=Netegrity,dc=
   training,dc=com
  xpsGUID: 00016d8e-sw52-1a0e-93c9-01060a06f0b4
  xpsSortKey: 2-0000004459
  xpsUpdateBy: XPSDictionary::Import
  xpsUpdateMethod: 1
  xpsProperty: 800545943[1]S=defaultenterpriseprivatekey
  xpsProperty: 720016076[1]I=1
  xpsProperty:: MjY3NDcwMjg0WzFdUz1NSUlGcnpDQ0JSaWdBd0lCQWdJS0g4OENQUUFHQUFJS0
   lUQU5CZ2txaGtpRzl3MEJBUVVGQURCTU1STXcKRVFZS0NaSW1pWlB5TEdRQkdSWURiR0Z1TVJnd
  [...]

  dn: xpsNumber=0552354723,ou=XPS,ou=PolicySvr4,ou=SiteMinder,ou=Netegrity,dc=
   training,dc=com
  xpsProperty:: MjY3NDcwMjg0WzFdUz1NSUlGcnpDQ0JSaWdBd0lCQWdJS0g4OENQUUFHQUFJS0
   lUQU5CZ2txaGtpRzl3MEJBUVVGQURCTU1STXcKRVFZS0NaSW1pWlB5TEdRQkdSWURiR0Z1TVJnd
  [...]
  xpsGUID: 00016d8e-sw52-1a0e-93c9-01060a06f0b4
  [...]

  dn: xpsNumber=1634962124,ou=XPS,ou=PolicySvr4,ou=SiteMinder,ou=Netegrity,dc=
   training,dc=com
  xpsGUID: 00016d8e-sw52-1a0e-93c9-01060a06f0b4
  xpsProperty:: MjY3NDcwMjg0WzFdUz1NSUlGcnpDQ0JSaWdBd0lCQWdJS0g4OENQUUFHQUFJS0
   lUQU5CZ2txaGtpRzl3MEJBUVVGQURCTU1STXcKRVFZS0NaSW1pWlB5TEdRQkdSWURiR0Z1TVJnd
  [...]

  dn: xpsNumber=0182740844,ou=XPS,ou=PolicySvr4,ou=SiteMinder,ou=Netegrity,dc=
   training,dc=com
  xpsProperty:: MjY3NDcwMjg0WzFdUz1NSUlGcnpDQ0JSaWdBd0lCQWdJS0g4OENQUUFHQUFJS0
   lUQU5CZ2txaGtpRzl3MEJBUVVGQURCTU1STXcKRVFZS0NaSW1pWlB5TEdRQkdSWURiR0Z1TVJnd
  [...]
  xpsGUID: 00016d8e-sw52-1a0e-93c9-01060a06f0b4

  dn: xpsNumber=0182740844,ou=XPS,ou=PolicySvr4,ou=SiteMinder,ou=Netegrity,dc=
   training,dc=com
  xpsProperty:: MjY3NDcwMjg0WzFdUz1NSUlGcnpDQ0JSaWdBd0lCQWdJS0g4OENQUUFHQUFJS0
   lUQU5CZ2txaGtpRzl3MEJBUVVGQURCTU1STXcKRVFZS0NaSW1pWlB5TEdRQkdSWURiR0Z1TVJnd
  [...]
  xpsGUID: 00016d8e-sw52-1a0e-93c9-01060a06f0b4

  dn: xpsNumber=1529589359,ou=XPS,ou=PolicySvr4,ou=SiteMinder,ou=Netegrity,dc=
   training,dc=com
  xpsProperty: 800545943[1]S=defaultenterpriseprivatekey
  xpsProperty: 1169912929[1]S={AESKW}WU10oQNjtWlFdtUrFQ+lOopGNbmfuYTRbSjdFZQuY
   0MO6TWGG0G4K3RgL8/lJ1gUcbn95Kvf8eCaMTXlmvbyZ3NhRxFtFo1L23c6PYAIQhNveHbuxAGI
  [...]
  xpsProperty:: MjY3NDcwMjg0WzFdUz1NSUlGcnpDQ0JSaWdBd0lCQWdJS0g4OENQUUFHQUFJS0
   lUQU5CZ2txaGtpRzl3MEJBUVVGQURCTU1STXcKRVFZS0NaSW1pWlB5TEdRQkdSWURiR0Z1TVJnd
  [...]
  xpsGUID: 00016d8e-sw52-1a0e-93c9-01060a06f0b4

 

Resolution

 

Upgrade the Policy Store version to a supported one, and initialize a
new instance of Policy Store and import the current data into the new
one to fix this issue.

 

Powered by Wolken Software