----- Original Message -----
From: "Eli Mesika" <emesika@redhat.com> To: "Dead Horse" <deadhorseconsulting@gmail.com> Cc: "users" <users@ovirt.org>, "Alon Bar-Lev" <alonbl@redhat.com> Sent: Monday, January 28, 2013 11:16:16 PM Subject: Re: [Users] engine Failed to decrypt Data error
----- Original Message -----
From: "Dead Horse" <deadhorseconsulting@gmail.com> To: "Alon Bar-Lev" <alonbl@redhat.com> Cc: "users" <users@ovirt.org>, "Eli Mesika" <emesika@redhat.com> Sent: Monday, January 28, 2013 11:04:53 PM Subject: Re: [Users] engine Failed to decrypt Data error
psql -U engine -d engine -c "select * from vdc_options where option_name in ('LocalAdminPassword', 'AdminPassword');" option_id | option_name |
option_value
| version -----------+--------------------+----------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -----------------------------------------------------------+--------- 127 | LocalAdminPassword | KiG8670o1qXVX6omYsiCdaaXtQc/mGmr0qgLHqc8yykoRz OwbfZzU9AxBYwYrJEwyqdq8c2ZwfGVvQ1YVIfGRspKLKogl59gBnwcQuk3al1K4Vtmr2hgWDtm5FBYd5 Nac4WIly4efjMCRjwrpPVkpAX55N8tGJ9LNzX8eRszQ4iVs8zivl0eu9SVhrB8tbHkA/+U5/vss26za8 X+AV67dtDzoD7ZS0eOT1Vx9vrOGHvDYU8tANEb29Et79CJ0whLOOEeuwTpkK1yZdF3PaWRbnTwXZUsB1 hMs9NLdo2ZxZOVSIK1E2mPh1WLybgIX1YB0Ra3BZvjAR9wPZz+jdfZng== | general 7 | AdminPassword | AakmoHu69RmCWkSoVXLOv0cwzwGscXaM+HJAONRtSdECEA VL+bjc1Lis6PHR1vBwdmhITxAvo2998pTJNusvtuTCODra40MTC+9p9+Oev4jWIbkncHH8gRdIKyvHuz O6fNda50VXeWYhGNFIMavw15PlslutUWEpyNAasjEWyZ7cNyjKK2eFKNDZ3F5PCv9RcQXfXkKSveWm6M 40zUVOx1ZjCnptNUpB4VYf5vW8LOpSL5NJpfJQmu36QbBRDDo3+3XPb4ELXA4t1rbPYw9Z7hRbk5Mbtq qvOA7q4+G4nPtxHB7d6dYT2QJ58wgXUSIIoz/odvz5yVYeazIFS3Faww== | general (2 rows)
Too long , supported values for encryption should be < 127 characters
Why too long? it should be 2048 RSA key. And it is exactly 256 decoded.
On Mon, Jan 28, 2013 at 2:38 PM, Alon Bar-Lev < alonbl@redhat.com > wrote:
----- Original Message -----
From: "Dead Horse" < deadhorseconsulting@gmail.com > To: "Alon Bar-Lev" < alonbl@redhat.com > Cc: "users" < users@ovirt.org >, "Eli Mesika" < emesika@redhat.com
Sent: Monday, January 28, 2013 10:35:34 PM Subject: Re: [Users] engine Failed to decrypt Data error
was in the middle of a fresh engine setup which did not exhibit the symptom. However after running: "engine-config -s AdminPassword=interactive" and restarting the engine service on the clean setup the error message now shows up.
- DHC
OK, at least it is related to the admin password.
Please send me the output of:
psql -U engine -d engine -c "select * from vdc_options where option_name in ('LocalAdminPassword', 'AdminPassword');"
Thanks!
On Mon, Jan 28, 2013 at 1:55 PM, Alon Bar-Lev < alonbl@redhat.com
wrote:
----- Original Message -----
From: "Dead Horse" < deadhorseconsulting@gmail.com > To: "Alon Bar-Lev" < alonbl@redhat.com > Cc: "users" < users@ovirt.org >, "Eli Mesika" < emesika@redhat.com
Sent: Monday, January 28, 2013 9:46:53 PM Subject: Re: [Users] engine Failed to decrypt Data error
Current running engine build --> commit: 61c11aecc40e755d08b6c34c6fe1c0a07fa94de8
ran engine upgrade against the built rpms from that commit.
Thus I applied it as an upgrade against prior running build --> commit: 1eb895355239bbcb7a7ceda172405f0b68f18f35
[Please use plain text mails in lists.]
Can you please patch EncryptionUtils.decrypt() with the following, so I can see what source is? source is encrypted blob, should not be a problem to send it.
if (!StringHelper.isNullOrEmpty(source.trim())) { KeyStore store = EncryptionUtils.getKeyStore(keyFile, passwd, certType); Key key = store.getKey(alias, passwd.toCharArray()); + log.info ("DEBUG001 " + source);
result = decrypt(source, key);
}
On Mon, Jan 28, 2013 at 1:28 PM, Alon Bar-Lev < alonbl@redhat.com
wrote:
How do you installed the engine? you built? Which exact version?
----- Original Message -----
From: "Dead Horse" < deadhorseconsulting@gmail.com >
To: "Alon Bar-Lev" < alonbl@redhat.com > Cc: "users" < users@ovirt.org >, "Eli Mesika" < emesika@redhat.com
Sent: Monday, January 28, 2013 9:26:44 PM Subject: Re: [Users] engine Failed to decrypt Data error
Password length is 11 characters and consists of Upper, Lower case and one special character.
On Mon, Jan 28, 2013 at 1:20 PM, Alon Bar-Lev < alonbl@redhat.com
wrote:
We tried to reproduce this. What password do you use? is there one with some great length? If not, Eli, we should send a debug patch for this.
----- Original Message -----
From: "Dead Horse" < deadhorseconsulting@gmail.com > To: "< users@ovirt.org >" < users@ovirt.org > Sent: Monday, January 28, 2013 9:16:20 PM Subject: [Users] engine Failed to decrypt Data error
I see this repeating error in the engine logs quite a bit, any ideas on what causes it?
2013-01-28 13:13:40,483 ERROR [org.ovirt.engine.core.engineencryptutils.EncryptionUtils] (QuartzScheduler_Worker-23) Failed to decrypt Data must not be longer than 256 bytes 2013-01-28 13:13:52,747 ERROR [org.ovirt.engine.core.engineencryptutils.EncryptionUtils] (QuartzScheduler_Worker-81) Failed to decrypt Data must not be longer than 256 bytes 2013-01-28 13:13:52,747 ERROR [org.ovirt.engine.core.engineencryptutils.EncryptionUtils] (QuartzScheduler_Worker-84) Failed to decrypt Blocktype mismatch: 0 2013-01-28 13:13:52,761 ERROR [org.ovirt.engine.core.engineencryptutils.EncryptionUtils] (QuartzScheduler_Worker-85) Failed to decrypt Data must start with zero 2013-01-28 13:14:00,964 ERROR [org.ovirt.engine.core.engineencryptutils.EncryptionUtils] (QuartzScheduler_Worker-23) Failed to decrypt Data must not be longer than 256 bytes 2013-01-28 13:14:00,964 ERROR [org.ovirt.engine.core.engineencryptutils.EncryptionUtils] (QuartzScheduler_Worker-20) Failed to decrypt Data must not be longer than 256 bytes 2013-01-28 13:14:02,983 ERROR [org.ovirt.engine.core.engineencryptutils.EncryptionUtils] (QuartzScheduler_Worker-29) Failed to decrypt Data must not be longer than 256 bytes 2013-01-28 13:14:02,983 ERROR [org.ovirt.engine.core.engineencryptutils.EncryptionUtils] (QuartzScheduler_Worker-34) Failed to decrypt Data must not be longer than 256 bytes
- DHC
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users