Project and Portfolio Management Practitioners Forum
cancel

Import Users / Default Password Encryption

Highlighted
Jamie Pick
Super Contributor.

Import Users / Default Password Encryption

Today our daily Import Users job failed with the following error
"java.lang.RuntimeException: bad cipher text". It failed on the step "Encrypt Password", which is running the command "com.kintana.core.server.tools.PasswordInterfaceTable" passing in the Group Id and Default Password.

It seems as if perhaps a key file (encryption) or something may have expired. Has anyone else run into something similar? I've looked all over - where would I find what exactly this PasswordInterfaceTable routine is?

Thanks!

Jamie
5 REPLIES
Erik Cole_1
Outstanding Contributor.

Re: Import Users / Default Password Encryption

Jamie, the keys are stored in $KNTA_HOME/security

You could try backing them up, then re-creating them with kKeyGen.sh
Jamie Pick
Super Contributor.

Re: Import Users / Default Password Encryption

Hey Eric -

Thanks for the response.

Another variable in the mix here is we first got this error (and some other strange Workbench problems) when a new application server was moved into our clustered environment - it wasn't intended to go live yet, it was accidentally pointed at our production database which appeared to suck it into the cluster. Some reports were running on this new server, including Import Users - we've since powered down this box but are still experiencing this Import User issue and others.

We're going to try and recycle the JVMs on our other three servers to clear them up first prior to regenerating keys.

Interestingly, the admin guide mentions needing to re-encrypt all user passwords if new keys are generated, though it doesn't explain how this would be done.

Thanks,

Jamie
Erik Cole_1
Outstanding Contributor.

Re: Import Users / Default Password Encryption

Hi Jamie,

Yeah, good point - you may want to have support's help to recover from this one, especially if your import users report updates existing users. Were the key files on the "rogue" box different?
Jamie Pick
Super Contributor.

Re: Import Users / Default Password Encryption

No, they were the same as on the good boxes.

We've got HP lending a hand on the mess we've gotten ourselves into.

Thanks,

Jamie
Jamie Pick
Super Contributor.

Re: Import Users / Default Password Encryption

Resolved with a JVM recycle and kUpdateHtml.sh run on all of our servers.