Layer7 Access Management

Tech Tip : CA Single Sign-On : Policy Server :: The Last Key decoded to Null from the Keystore

  • 1.  Tech Tip : CA Single Sign-On : Policy Server :: The Last Key decoded to Null from the Keystore

    Posted 07-06-2017 09:21 AM

    Issue:

     

    We're running several Policy Servers in Production. After changing the Encryption Key, one of the Policy Servers started suddenly to give errors in the smps.log :

    [ERROR] The last key decoded to null from the keystore

    [ERROR] Failed to generate agent key update commands


    How can we solve this problem ?

     

    Cause:

     

    The Reason for these error messages is that the Encryption Key isn't the same across Policy Servers in your environment.

     

    Resolution:

     

    To resolve this issue, choose one of the following:


    From SMCONSOLE -> Keys tab:

     

    - Select Encrypt Keys Using Policy Store Encryption Key

     

    or

     

    - Uncheck "Encrypt Keys Using Policy Store Encryption Key"

    and set the Policy Store key and manually enter the value in the two dialog boxes

     

    Make sure that all Policy Servers are configured the same way in your Environment.

     

    KB : TEC565906