Reputation: 43
artifactory no matched algorithm and key
I have an error when i start artifactory:
[art-exec-3] [ERROR] (o.j.s.c.EncryptionWrapperBase:185) - no matched algorithm and key for AES128 16uJT
[art-exec-3] [ERROR] (o.a.r.s.RepositoryServiceImpl:2626) - Failed to initialize remote repository '(name of maven repo)'. Repository will be blacked-out!
The context is:
I had a functional standalone artifactory.
I have deployed a HA artifactory on this
So with the same database and filestore
I have destroyed my standalone instance and create 2 instances for high availability.
And then i have the error above.
The artifactory service is up
i can request API but only GET, no possible changes like POST.
But no web interface reachable.
If i test a POST request:
{
"errors" : [ {
"status" : 500,
"message" : "Could not decrypt with artifactory key, due to: org.jfrog.security.crypto.KeyIdAlgCipherNotFound: no matched algorithm and key forAES128 16uJT"
} ]
It is obviously an AES128 artifactory_key problem.
But i know my artifactory_key (and my master_key) are good.
It's still the same like before HA, no reason it's different but maybe ... ?
so, what's wrong ?
Can artifactory_key change over time without my consent ?
How can i recover ?
In my database, i have a table named "configs" and artifactory_key is used to encrypt the config i think.
If i recover this table, maybe i can override ?
Except it's all encrypted, with the artifactory_key ? or the master_key ?
It's not usable as is.
Thanks to you
Upvotes: 0
Views: 1141
Answers (2)
Reputation: 43
Thanks for your reply
The problem is: i have destroyed the old instance and recreate two new instances with HA licenses. So i have an artifactory_key in $ARTIFACTORY_HOME/etc/security/ and it's the same on both instances. But apparently not the good one.
And the file $ARTIFACTORY_HOME/etc/artifactory.config.latest.xml is not the good one too, like instances are new. It's a config by default, a void config. There is no "16uJT" string.
That's why i ask if i can retrieve the good configuration directly in the database -> table "configs" except it's encrypted, and i don't know how decrypt without a API request
Regards,
Upvotes: 0
Reputation: 866
Is the artifactory.key in place and located at $ARTIFACTORY_HOME/etc/security/ of both nodes?
Based on the error message it seems as it fails to decrypt a string that contains "16uJT". Can you search for this string in $ARTIFACTORY_HOME/etc/artifactory.config.latest.xml ?
In case it is, you may check what is the expected decrypted value of that entry and manually replace it. If you are not sure, you may try to leave this one blank for now and try to see if this helped.
In order to import the new config after the change, you will need to save the config as: "artifactory.config.import.xml" and then restart the server.
In case this doesn't help, kindly attach the full errors with possible stacktraces.
Upvotes: 2
Related Questions
- org.artifactory.storage.StorageException: Failed to update the unique indices table
- Artifactory Configuration Fails To Start
- Artifactory 5.11 fails to start up due to Access failure
- Running Artifactory on OpenJDK
- Artifactory Couldn't parse ErrorsModel from Access. Original message: Not Found
- Upgrade to Artifactory OSS 5.6.3 MappingException
- Artifactory not running after update, Column not found
- Cannot login on Artifactory
- Artifactory has lost track of local artifacts
- Error when pointing artifactory to artifactory