Sailpoint iiq keystore

IdentityIQ (IIQ) IIQ Discussion and Questions
1

Which IIQ version are you inquiring about?

8.4

Share all details about your problem, including any error messages you may have received.

Hi,

I followed documentation Key Creation

to generate new encryption key for credential management in iiq keystore. The new key was generated successfully as iiq.dat and iiq.cfg inside the /WEB-INF/classes directory.

Restarted the application server : systemctl restart tomcat

But when I try to test decrypt using the context.decrypt() function through a custom rule, the below error message comes.

Exception running rule: The application script threw an exception: sailpoint.tools.GeneralException: There is a problem with the keystore installed on this system. BSF info: Decrypt at line: 0 column: columnNo

Below points are the fixes that I tried.

  1. Manually mentioned /opt/tomcat/webapps/ROOT/WEB-INF/classes/iiq.dat and iiq.cfg in the iiq.properties file.
  2. Moved the iiq.dat and iiq.cfg files to a different location and mentioned that in the iiq.properties file.

Both these did not help in fixing the issue.

Please let me know what could be the issue here.

2

Hi @vasas,

this error appears when IIQ cant decrypt the pwds and there is a problem with the keystore.

In iiq.properties, have uncomment the path for cfg and dat files?
Do you have generate the keystore from another environment and havo in import on this one?

3

Hey Emmanuele,

I tried the above two points mentioned in the post

4

I asked something different.

other question: have you fallow only the Key Creation page or all the procedure?

image

5

Hi Emanuele,

In iiq.properties, have uncomment the path for cfg and dat files?

Yes

Do you have generate the keystore from another environment and havo in import on this one?

It was generated in this environment

have you fallow only the Key Creation page or all the procedure?

I have followed only the key creation, I have not done any re-encyptions yet as I am testing with the new key.

6

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.