Samwell Ho
Reputation: 59
WSO2 Carbon Crypto Service Missing property
When WSO2 Identity Server 5.7.0 is starting, I get the following info in the console output:
INFO {org.wso2.carbon.crypto.provider.internal.DefaultCryptoProviderComponent} - 'CryptoService.Secret' property has not been set. 'org.wso2.carbon.crypto.provider.SymmetricKeyInternalCryptoProvider' won't be registered as an internal crypto provider. Please set the secret if the provider needs to be registered.
This is the configuration I used in the /repository/conf/carbon.xml :
<!--
Configurations related to Carbon Crypto Service which is a crypto framework used inside Carbon products.
-->
<CryptoService>
<Enabled>true</Enabled>
<!-- The crypto provider which is used for internal data encryption and decryption -->
<InternalCryptoProviderClassName>org.wso2.carbon.crypto.provider.KeyStoreBasedInternalCryptoProvider</InternalCryptoProviderClassName>
<!--
The crypto provider which is used for the crypto needs which come when communicating with external parties.
e.g. Signing, Decrypting.
-->
<ExternalCryptoProviderClassName>org.wso2.carbon.core.encryption.KeyStoreBasedExternalCryptoProvider</ExternalCryptoProviderClassName>
<!--
The list of key resolvers which will be used based on the context when handling crypto with external parties.
e.g. Resolving the public key of an external entity.
-->
<KeyResolvers>
<KeyResolver className="org.wso2.carbon.crypto.defaultProvider.resolver.ContextIndependentKeyResolver" priority="-1"/>
</KeyResolvers>
</CryptoService>
<!--
The KeyStore which is used for encrypting/decrypting internal data.
This block is read by Carbon Crypto Service.
-->
<InternalKeyStore>
<!-- Keystore file location-->
<Location>${carbon.home}/repository/resources/security/internal.jks</Location>
<!-- Keystore type (JKS/PKCS12 etc.)-->
<Type>JKS</Type>
<!-- Keystore password-->
<!-- <Password svns:secretAlias="Carbon.Security.KeyStore.Password">password</Password> -->
<Password>wso2carbon</Password>
<Secret>wso2carbon</Secret>
<!-- Private Key alias-->
<KeyAlias>wso2carbon</KeyAlias>
<!-- Private Key password-->
<KeyPassword>wso2carbon</KeyPassword>
</InternalKeyStore>How can I resolve this problem?
Upvotes: 3
Views: 2890
Answers (2)
Scholtz
Reputation: 3746
WSO2 API Manager 3.0.0+ or EI6.6.0+ where deployment.toml file is used:
[encryption]
key = "CryptoService.Secret"
This will add proper config to carbon.xml on start.
For more info about how new configuration works: deployment.toml configuration options
For older version applies configuration in carbon.xml .. add tag Secret to CryptoService tag:
<CryptoService>
..
<Secret>SECRET_KEY</Secret>
</CryptoService>
Upvotes: 2
senthalan
Reputation: 2386
You can add an element with a value. This value will be used as the SymmetricKey
<CryptoService>
...
<Secret>SECRET_KEY</Secret>
</CryptoService>
Upvotes: 0
Related Questions
- WSO2 IS userstore encryption of Property=password failed error
- wso2 Identity Server 5.9.0 setup overwriting carbon.xml
- WSO2 Tenant authentication failed
- ERROR {org.wso2.carbon.idp.mgt.util.IdPManagementUtil} - Error when accessing the IdentityProviderManager for tenant
- WSO2 Carbon Initialization Failed (Fatal Error)
- WSO2 Identity Server. Error when processing request
- start wso2is-5.2 as window service
- Exception in Authentication Framework WSO2 IS
- WSO2 Identity Server: Error while loading Identity Provider
- wso2 Identity Server Your account is not active