Help
Not a customer? Start a free trial

Click the Start a free trial link to start a 30-day SaaS trial of our product and join our community as a trial customer. If you are an existing customer do not start a free trial.

AppDynamics customers and established members should click the sign in button to authenticate.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Why am I seeing the EUM startup error "Illegal key size or default parameters"?

Chitra.Lal
AppDynamics Team

on ‎10-03-2018 09:39 AM

Issue 

What should I do if my EUM Server is unable to start because of below error?

Error Starting EUM Processor Server
 |      com.google.inject.CreationException: Unable to create injector, see the following errors:

Error in custom provider, com.singularity.ee.util.security.credentialstore.exception.CryptoOperationFailureException: Failed to decrypt: Illegal key size or default parameters

Error in custom provider, com.singularity.ee.util.security.credentialstore.exception.CryptoOperationFailureException: 
Failed to decrypt: Input length must be multiple of 16 when decrypting with padded cipher.....

 

Cause And Solution

This error is mostly seen post-upgrade or during upgrades, which stops the EUM upgrade/startup or login process.
 
This usually happens when encrypted/obfuscated values in the eum.properties are incorrect. In order to fix this, edit your eum.properties file with the properties below and restart your EUM server
 
1. Change onprem.useEncryptedCredentials=true to false -->  onprem.useEncryptedCredentials=false
 
2. Set the password in plaintext for the below properties: 
onprem.dbPassword=<<plaintext passowrd>>
onprem.credentialKey=<<plaintext passowrd>>
 
3. If the upgrade was from 4.0 to 4.5, you might also have to update the password in  <eum_server_home>/eum-processor/bin/liquidbase.properties for the password property. 
 
4. Restart the EUM server.
 
If, however, you cannot use the plaintext passwords and you need to use encrypted passwords, you will need to regenerate the encrypted key for the the database password and obfuscated keys for the credential key. Then, update the eum.properties file and restart the EUM Server.  The database password may not be decipherable using the key in use. You can follow the steps below to complete this for this process:

1. Generate a new credential store:
 
bin/eum-credential-key.sh generate_ks -storepass <store_password>
 
2. Generate a new obfuscated password for the credential store:
 
bin/eum-credential-key.sh obfuscate -plaintext <store_password>
 
3. Generate a new database password:
 
bin/eum-credential-key.sh encrypt -storepass <store_password> -plaintext <DB_password>
 
4 After this, modify the eum.properties file as:
 
onprem.dbPassword=<<output of 3 above>>
onprem.credentialKey=<<output of 2 above>>
onprem.useEncryptedCredentials=true
 
5. Restart the EUM Server. 
 
For additional information on this change the credential keystore password for the EUM Database
click here
0 Kudos
Version history
Last update:
‎10-03-2018 09:39 AM
Updated by:

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form

By clicking subscribe, I have read and understood the Privacy Policy and Terms of Use.
Platform
Solutions
Learn

Company
Support