After Generated OAuth Azure Access Token , unable to process Emails.
search cancel

After Generated OAuth Azure Access Token , unable to process Emails.

book

Article ID: 272848

calendar_today

Updated On: 04-30-2025

Products

CA Service Management - Service Desk Manager

Issue/Introduction

We are able to generate an OAuth token in Azure, but when that happens the emails are not processed

maileater_nxd logs show the following:

2023-06-20 10:52:31:059 ERROR  [ForkJoinPool-1-worker-3] c.c.S.m.c.JavaMailIMAPClient - [ID:(EMAIL@AZURE.COM),HN:(outlook.office365.com)] -> [IMAPS|993] Failed to connect to the Store.
javax.mail.MessagingException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)

Caused by: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)

Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)

Caused by: java.security.UnrecoverableKeyException: Get Key failed: null

Caused by: java.lang.NullPointerException: null

The error persists after confirming Azure credentials and using known working certificates.

Environment

CA Service Management - 17.x

Mailbox is in Azure

Cause

After generating DEBUG logs, the following logs were discovered:

2023-08-18 13:29:15:924 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil - keytool error: java.io.IOException: keystore password was incorrect
2023-08-18 13:29:15:924 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil - java.io.IOException: keystore password was incorrect
2023-08-18 13:29:15:924 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil -     at java.base/sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2116)
2023-08-18 13:29:15:924 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil -     at java.base/sun.security.util.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:222)
2023-08-18 13:29:15:924 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil -     at java.base/java.security.KeyStore.load(KeyStore.java:1479)
2023-08-18 13:29:15:924 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil -     at java.base/java.security.KeyStore.getInstance(KeyStore.java:1807)
2023-08-18 13:29:15:939 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil -     at java.base/java.security.KeyStore.getInstance(KeyStore.java:1687)
2023-08-18 13:29:15:939 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil -     at java.base/sun.security.tools.keytool.Main.doCommands(Main.java:937)
2023-08-18 13:29:15:939 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil -     at java.base/sun.security.tools.keytool.Main.run(Main.java:421)
2023-08-18 13:29:15:939 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil -     at java.base/sun.security.tools.keytool.Main.main(Main.java:414)
2023-08-18 13:29:15:939 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil - Caused by: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
2023-08-18 13:29:15:939 DEBUG  [Thread-6] c.c.S.m.c.PDMMailerUtil -     ... 8 more
2023-08-18 13:29:24:099 DEBUG  [Thread-5] c.c.S.m.c.PDMMailerUtil - 
2023-08-18 13:29:24:099 DEBUG  [Thread-5] c.c.S.m.c.PDMMailerUtil -     FAILED:  The certificate was not imported into the keystore.
2023-08-18 13:29:24:099 DEBUG  [Thread-5] c.c.S.m.c.PDMMailerUtil -     Exiting at pdm_keystore_mgr.pl line 170.
2023-08-18 13:29:24:194 DEBUG  [Thread-2] c.c.S.m.c.PDMMailerUtil - Exit value from pdm_keystore_mgr.pl: 1

The certificates were not imported as the keystore password is incorrect.

The keystore password is a randomly generated hash located in the nx.env file:

@NX_KEYSTORE_REF

Resolution

Follow these steps to regenerate the keystore password:

  • Stop the CA Service Desk Manager Service.
  • Open NX.env file and delete the entry @NX_KEYSTORE_REF and its value.
  • Navigate to $NX_ROOT\pdmconf folder and delete the file nx.keystore
  • Restart the Service Desk services.

 The certificates should be imported properly and the polling should work.

If there is an authentication error in the maileater_nxd.log file after the restart of services, regenerate the access token from the Mailbox oAuth detail page.

Additional Information

Powered by Wolken Software