Issue:
We are running the following command to export the Key Store keys :
smkeyexport -okeyexport.smdif -dsiteminder -wpassword -c -v -t
but in the keyexport.smdif file, we still see the keys with the mark {RC2}
which means that they are still encrypted.
So when we try to import those keys when running smkeyimport, we get
the error :
Cleartext import specified yet KeyManagement key is already
encrypted in import file. Skipping encrypt. Continuing..
How can we fix this ?
Environment:
Policy Server 12.51CR01 on Windows 2008R2;
Policy Server JDK 1.6.0_45 32bit;
Cause:
This is a known issue by Policy Server 12.51CR01. And it is fixed on
Policy Server 12.51CR02 as per readme :
Policy Server 12.51 CR02
177001, 182980 During the data export, smkeyexport and the -k and -c
options of smobjexport do not decrypt the keys.
ps-12.51-cr08-readme.txt
Resolution:
Apply at least the 12.51CR02 or higher on the Policy Server 12.51CR01 to fix this issue.
KB : KB000116828