Hi,
We recently installed VAs for one of the tenant and we tried Active Directory test connection after IQService installation,
The source is not getting connected and we are seeing this error “Cannot find key to decrypt message”.
I wonder if someone has faced this issue ?
Solution and any insights are welcome
We are using non TLS configuration, we noticed that the exact same error is coming for another connector as well. “Can not find Key to decrypt message”.
@vdivakar - I’d bet lunch that the keyPassphrase you used for the VA cluster contains an invalid special character which is normally the issue if you’re seeing “java.lang.RuntimeException: java.io.FileNotFoundException: /opt/sailpoint/data/keystore.jks (No such file or directory)” in the ccg.log file.
Passphrases should not start with a special character. These will often interfere with YAML specifications and be interpreted incorrectly.
Exclamation point ( ! ), spaces, and forward and back slashes (/ and ) cannot be used. (no longer part of the above document, but used to be applicable and my still be even though it’s not documented)
This manifests itself in a success VA connection during configuration, but every test connection after that will fail.
Well I have given passphrase in such a way that it only contains normal letters,
is it possible to change the keypassphrase after we install the VAs and existing config.yaml file already has a key encrypted ?