<div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div>Hello guys</div><div>I think I found where the error is.</div><div>In the command below, I initially typed:</div><div><br></div><div>keytool -genseckey -alias strong -keystore /opt/midpoint/var/keystore.jceks -storetype jceks -storepass changeit -keyalg AES -keysize 256 <b>-keypass my_new_password</b></div><div><br></div><div><br></div><div>I ran the command again and switched to:</div><div><br></div><div>keytool -genseckey -alias strong -keystore /opt/midpoint/var/keystore.jceks -storetype jceks -storepass changeit -keyalg AES -keysize 256<b> -keypass midpoint</b></div><div><b><br></b></div><div>I initially tried to change the default midpoint password for the encryption key with a new password.<br></div><div><br></div><div>After this change I was able to successfully start the midpoint</div><div><br></div><div>I believe that the password for the encryption key cannot be changed, am I right? Someone was able to change the password for the security key.</div><div><br></div><div>Regards</div><div><br></div><div>Gus</div><div><br></div></div></div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Dec 29, 2020 at 11:13, Gus Lou <<a href="mailto:gugalou38@gmail.com">gugalou38@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>Hello guys</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>
</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>I tried to change the password for the default AES encryption key stored in the keystore file.</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>
</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>For that I stopped the midpoint service and followed the wiki procedure:</span></span></div><div dir="ltr"><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>
</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span><a href="https://wiki.evolveum.com/display/midPoint/Encryption+and+Keys" target="_blank">https://wiki.evolveum.com/display/midPoint/Encryption+and+Keys</a></span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>
</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span><br></span></span></div><div dir="ltr"><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>After creating a new key (aes256), I adjusted the midpoint configuration file and started the application.</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>
</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>But Midpoint does not start, in the logs I can observe the following error:</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>
</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>Couldn't encrypt node secret: No key mapped to alias strong could be found in the keystore.</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"> </span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>Keys by alias must be recompute during initialization</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>
</span></span><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>Did I forget a step to change the AES key?</span></span><br></div><div dir="ltr"><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span><br></span></span></div><div><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(245,245,245)"><span>Regards Gus</span></span></div></div>
</blockquote></div>
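<div>The two keytool commands in this thread differ only in -keypass, and a JCEKS entry can only be read back with the key password it was stored under. The following is an added example, not part of the original messages and not midPoint's code; it assumes the reading application supplies the key password "midpoint" (taken from the second command above), and the class and method names are hypothetical.</div>

```java
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

public class KeyPassCheck {
    // Assumption: the key password the application uses when reading the entry.
    static final char[] READER_KEYPASS = "midpoint".toCharArray();

    // Build an in-memory JCEKS store holding one AES-256 secret key, the
    // equivalent of `keytool -genseckey -storetype jceks -keyalg AES -keysize 256`.
    static KeyStore newStore(String alias, char[] keypass) throws Exception {
        KeyStore ks = KeyStore.getInstance("JCEKS");
        ks.load(null, null);                       // start from an empty store
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        ks.setKeyEntry(alias, kg.generateKey(), keypass, null);
        return ks;
    }

    // Separate "alias is absent" from "alias exists but the key password is wrong".
    static String probe(KeyStore ks, String alias, char[] keypass) throws Exception {
        if (!ks.containsAlias(alias)) {
            return "alias missing";
        }
        try {
            SecretKey key = (SecretKey) ks.getKey(alias, keypass);
            return "readable: " + key.getAlgorithm() + "-" + key.getEncoded().length * 8;
        } catch (UnrecoverableKeyException e) {
            return "alias present, key password rejected";
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed stores mirroring the two commands from the thread.
        KeyStore first = newStore("strong", "my_new_password".toCharArray());
        KeyStore second = newStore("strong", "midpoint".toCharArray());
        System.out.println("first command : " + probe(first, "strong", READER_KEYPASS));
        System.out.println("second command: " + probe(second, "strong", READER_KEYPASS));
    }
}
```

<div>Running the same probe against the real keystore file (loading it with the store password instead of creating it in memory) shows whether a startup failure comes from a missing alias or from a key password mismatch.</div>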