cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Have a PTC product question you need answered fast? Chances are someone has asked it before. Learn about the community search. X

License Encrypting Passwords Error: Unable to load SecretProvider, Password verification failed

seanccc
17-Peridot

License Encrypting Passwords Error: Unable to load SecretProvider, Password verification failed

Hi,

I'm using security-common-cli-1.0.0.26 to encrypt the password  but got the errors below.  And If set the plain password in the platform-settings.json , I got the same error in the tomcat's log. 

 

2019-08-16 11:00:32.223+0800 [L: INFO] [O: c.t.s.SecurityManagerBootstrapper] [T: main] initializing KeyStore provider
2019-08-16 11:00:32.489+0800 [L: ERROR] [O: c.t.s.SecurityManagerBootstrapper] [T: main] Unable to load SecretProvider, {}
java.security.UnrecoverableKeyException: Password verification failed
    ... 13 common frames omitted
Wrapped by: java.io.IOException: Keystore was tampered with, or password was incorrect
    at com.sun.crypto.provider.JceKeyStore.engineLoad(JceKeyStore.java:879)
    at java.security.KeyStore.load(KeyStore.java:1445)
    at com.thingworx.security.provider.keystore.KeyStoreProvider.loadKeystore(KeyStoreProvider.java:154)
    at com.thingworx.security.provider.keystore.KeyStoreProvider.<init>(KeyStoreProvider.java:44)
    ... 9 common frames omitted
Wrapped by: java.lang.reflect.InvocationTargetException: null
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
    at com.thingworx.security.SecurityManagerBootstrapper.createSecretProvider(SecurityManagerBootstrapper.java:106)
    at com.thingworx.security.SecurityManagerBootstrapper.init(SecurityManagerBootstrapper.java:58)
    at com.thingworx.security.cli.SecurityTool.initializeSecurityManager(SecurityTool.java:227)
    at com.thingworx.security.cli.SecurityTool.initialize(SecurityTool.java:195)
    at com.thingworx.security.cli.SecurityTool.main(SecurityTool.java:661)
2019-08-16 11:00:32.489+0800 [L: ERROR] [O: c.t.s.SecurityManagerBootstrapper] [T: main] Failed to create SecurityManager, Failed to load SecretProvider

 

 

The command I ran is : 

 

security-common-cli.bat keystore.conf set encrypt.licensing.password "abc1234"

 

My environment: (C:\ThingworxPlatform and C:\ThingworxStorage has role Everyone and full controll assigned )

 

C:\security-common-cli-1.0.0.26\bin
C:\ThingworxPlatform
C:\ThingworxStorage
C:\security-common-cli-1.0.0.26\bin\keystore.conf
{
security { secret-provider = "com.thingworx.security.provider.keystore.KeyStoreProvider" default-encryption-key-length = 128 keystore { password-file-path = "/ThingworxPlatform" password-file-name = "keystore-password" path = "/ThingworxStorage" name = "keystore.jks" } } }

 

 

Thingworx 8.4.2 + PostgreSql + Windows server 2016. 

 

I've checked the article Article - CS189387  , but it doesn't help .    

 

Regards,

Sean

 

Regards,

Sean

ACCEPTED SOLUTION

Accepted Solutions
seanccc
17-Peridot
(To:seanccc)

I solved it , what I did: 

1. add keystore-password in ThingworxPlatform back

2. remove keystore.jks from ThingworxStorage. 

3. run the tool again. 

View solution in original post

1 REPLY 1
seanccc
17-Peridot
(To:seanccc)

I solved it , what I did: 

1. add keystore-password in ThingworxPlatform back

2. remove keystore.jks from ThingworxStorage. 

3. run the tool again. 

Announcements


Top Tags