Error in FIM web browser:
Error message: Exception encountered at the top-level of the profile bean: The assertion could not be decrypted: Unable to decrypt due to an error: Unable to load the keystore from keystore file location Error stack trace: com.rsa.fim.profile.sso.SSOProfileException: Exception encountered at the top-level of the profile bean: The assertion could not be decrypted: Unable to decrypt due to an error: Unable to load the keystore from keystore file location at com.rsa.fim.profile.sso.SSOHelper.handleThrowable(SSOHelper.java:638) at com.rsa.fim.profile.sso.SAML20SSOService.processResponse(SAML20SSOService.java:1888) at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:179) at com.rsa.fim.profile.common.FIMProfileBean.processResponse(FIMProfileBean.java:69) at com.rsa.fim.profile.common.FIMProfile_mzkd72_EOImpl.processResponse(FIMProfile_mzkd72_EOImpl.java:157) at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:78) at com.rsa.fim.servlet.sso.AssertionConsumerService.doPost(AssertionConsumerService.java:39) at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:226) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:124) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283) at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42) at com.rsa.fim.servlet.FIMGenericServletFilter.doFilter(FIMGenericServletFilter.java:38) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3393) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(Unknown Source) at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2140) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2046) at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:200) at weblogic.work.ExecuteThread.run(ExecuteThread.java:172) Caused by: com.rsa.fim.exception.ProfileException: The assertion could not be decrypted: Unable to decrypt due to an error: Unable to load the keystore from keystore file location at com.rsa.fim.profile.util.ProfileHelper.decryptAssertions(ProfileHelper.java:1587) at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1421) at com.rsa.fim.profile.sso.SAML20SSOService.processResponse(SAML20SSOService.java:1471) ... 22 more Caused by: com.rsa.fim.exception.CryptoUtilException: Unable to decrypt due to an error: Unable to load the keystore from keystore file location at com.rsa.fim.util.crypto.EncryptionHelper.decrypt(EncryptionHelper.java:398) at com.rsa.fim.util.crypto.EncryptionHelper.getAssertionsInResponse(EncryptionHelper.java:442) at com.rsa.fim.profile.util.ProfileHelper.decryptAssertions(ProfileHelper.java:1582) ... 24 more Caused by: com.rsa.fim.exception.CryptoUtilException: Unable to load the keystore from keystore file location at com.rsa.fim.util.crypto.EncryptionHelper.decrypt(EncryptionHelper.java:347) ... 26 more
Error in FIM System.log
2009-08-28 13:48:31,953, (SSOHelper.java:632), vdc-image001, , , , SSO top-level profile exception: , com.rsa.fim.exception.ProfileException: The assertion could not be decrypted: Unable to decrypt due to an error: Unable to load the keystore from keystore file location
at com.rsa.fim.profile.util.ProfileHelper.decryptAssertions(ProfileHelper.java:1587)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1421)
at com.rsa.fim.profile.sso.SAML20SSOService.processResponse(SAML20SSOService.java:1471)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:179)
at com.rsa.fim.profile.common.FIMProfileBean.processResponse(FIMProfileBean.java:69)
at com.rsa.fim.profile.common.FIMProfile_mzkd72_EOImpl.processResponse(FIMProfile_mzkd72_EOImpl.java:157)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:78)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doPost(AssertionConsumerService.java:39)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:226)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:124)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at com.rsa.fim.servlet.FIMGenericServletFilter.doFilter(FIMGenericServletFilter.java:38)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3393)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2140)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2046)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:200)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:172)
Caused by: com.rsa.fim.exception.CryptoUtilException: Unable to decrypt due to an error: Unable to load the keystore from keystore file location
at com.rsa.fim.util.crypto.EncryptionHelper.decrypt(EncryptionHelper.java:398)
at com.rsa.fim.util.crypto.EncryptionHelper.getAssertionsInResponse(EncryptionHelper.java:442)
at com.rsa.fim.profile.util.ProfileHelper.decryptAssertions(ProfileHelper.java:1582)
... 24 more
Caused by: com.rsa.fim.exception.CryptoUtilException: Unable to load the keystore from keystore file location
at com.rsa.fim.util.crypto.EncryptionHelper.decrypt(EncryptionHelper.java:347)
... 26 more
Under Entities/Local Entities/Manage Existing,
Select the Service Provider Entity from the list and select "Edit Basics"
Under the "Signing and Decryption - Messages and Assertions" area in the "Decryption Keystore Entries" area select an available keystore and add it to the Entity.
Related Articles
No X509 certificate in Client KeyStore Number of Views How to change the core dump file location for RSA Web Threat Detection processes Number of Views RSA FIM error: The public key present in the message did not match the public key present in the trusted keystore. Number of Views Restore database script does not load the data Number of Views System.DllNotFoundException: Unable to load DLL 'km' Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide How to Download OTP Token Seed Files from myRSA RSA Authentication Manager 8.9 Release Notes (January 2026)
