| Article Number | 000029037 |
| Applies To | RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 7.1 SP4
Platform: Windows |
| Issue | The Authentication Manager database was migrated from Ra server running 7.1 SP4 patch 12 to another machine running 7.1 SP4 patch 12. The migration completed with some errors.
After the migration, the administrator cannot access the Security Console. The <server name>_server.log file shows the error:
Invocation of init method failed; nested exception is java.lang.Error: failed to decrypt data
org.springframework.beans.factory.BeanCreationException:
Error creating bean with name 'KeyManager' defined in URL
[zip:C:/Program Files/RSA Security/RSA Authentication Manager/server/servers/thorrsa_server/tmp/_WL_user/am-app/fyoaey/APP-INF/lib/ims-server-o.jar!/ims-components.xml]:
nvocation of init method failed;
nested exception is
java.lang.Error: failed to decrypt data
...
com.rsa.ims.security.crypto.CryptoException: Configuration error, cannot find decryption key with ID=1d3b380b0300a8c0004177bc4e5162d0
at com.rsa.ims.security.utils.DatabaseCryptoKey.<init>(DatabaseCryptoKey.java:244)
at com.rsa.ims.security.keymanager.dal.sql.KeyManagerDAL.decrypt(KeyManagerDAL.java:739)
|
| Cause | New additional encryption keys were introduced after Authentication Manager 7.1 patch 8. The keys in systemfields.properties file and the keys in the database do not match. This issue was reported in defect AM-22253. |
| Resolution | This issue was corrected in Authentication Manager 7.1 SP4 patch 18. |
| Workaround | - Install Authentication Manager 7.1 SP4. The database will restore without any errors.
- Install the most recent patch on the Authentication Manager 7.1 SP4 server.
- Launch the Security Console. It will now work as expected.
|
on Jun 15, 2016