Sealer key error...

Cantor, Scott cantor.2 at osu.edu
Thu Jun 29 08:58:08 EDT 2017


(Or if you did reset the version file, those are just inevitable errors from clients holding data encrypted under an older key that are coming back now with data it can't decrypt.)

-- Scott

On 6/29/17, 8:55 AM, "Cantor, Scott" <cantor.2 at osu.edu> wrote:

On 6/29/17, 8:52 AM, "users on behalf of Marc SAHIN" <users-bounces at shibboleth.net on behalf of marc.sahin at univ-lyon2.fr> wrote:

> Strangely, I can list the content of the Sealer.jks keystore without a password
> and cannot list the SecretKeys with the password defined in idp.properties (idp.sealer.storePassword).

Then something tampered with the file. The IdP doesn't write to it, only the seckeygen utility or manually using keytool with it would do that.

> When I restore the Sealer files, it looks for another secret key like below:

Then you didn't reset the version file. You have to clear the key version file next to it if you need to completely revert it, or you need to make sure the version in the file matches the end of the alias name that's in the store.

-- Scott
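
An added example, not part of the original thread and not Shibboleth's own code: a small check that the version in the key version file matches the end of an alias name in the keystore, as described above. It assumes the default layout (a properties-style version file with a `CurrentVersion` entry and aliases of the form `secretN`) and works on the text printed by `keytool -list`; the sample inputs are constructed.

```python
import re

ALIAS_PREFIX = "secret"         # assumption: default alias base name
VERSION_KEY = "CurrentVersion"  # assumption: property name in the version file

def current_version(kver_text):
    """Return the integer version from the properties-style file, or None."""
    for line in kver_text.splitlines():
        line = line.strip()
        if line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        if key.strip() == VERSION_KEY and value.strip().isdigit():
            return int(value.strip())
    return None

def secret_key_versions(keytool_listing):
    """Collect N from every '<prefix>N, <date>, SecretKeyEntry,' line."""
    pat = re.compile(r"^%s(\d+),.*\bSecretKeyEntry\b" % re.escape(ALIAS_PREFIX))
    hits = (pat.match(line.strip()) for line in keytool_listing.splitlines())
    return sorted(int(m.group(1)) for m in hits if m)

def check(kver_text, keytool_listing):
    """Compare the version file against the aliases present in the store."""
    version = current_version(kver_text)
    stored = secret_key_versions(keytool_listing)
    if version is None:
        return "no-version"      # version file missing or cleared
    if not stored:
        return "no-secret-keys"  # listing failed or store holds no secret keys
    if version not in stored:
        return "mismatch"        # file names an alias the store does not hold
    return "ok"

# Constructed sample data. A real listing would come from something like:
#   keytool -list -storetype JCEKS -keystore <keystore file> -storepass <password>
SAMPLE_KVER = "#Thu Jun 01 00:00:00 EDT 2017\nCurrentVersion=3\n"
SAMPLE_LISTING = """Keystore type: JCEKS
Keystore provider: SunJCE

Your keystore contains 2 entries

secret2, Jun 1, 2017, SecretKeyEntry,
secret3, Jun 1, 2017, SecretKeyEntry,
"""

if __name__ == "__main__":
    print(check(SAMPLE_KVER, SAMPLE_LISTING))
```

A `mismatch` result corresponds to the restored-keystore case in the thread: the version file still points at an alias that the restored store does not contain.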





