Next suspect is encryption cipher and/or key algorithm. The defaults are "AES/CBC/PKCS5Padding" and "PBKDF2WithHmacSHA1".
Can you try something like this to see what is offered by Java? http://stackoverflow.com/questions/9333504/how-can-i-list-the-available-ci pher-algorithms > -----Original Message----- > From: St Laurent, Mark [mailto:[email protected]] > Sent: Monday, November 18, 2013 12:16 PM > To: [email protected] > Subject: RE: [cas-user] ClearPass with Load-Balanced CAS > > Tried this, produces the same error. > > ---------------------------------- > Mark St. Laurent > Web Systems Administrator > Yavapai College > (928) 717-7654 > http://www.yc.edu > > > -----Original Message----- > From: Misagh Moayyed [mailto:[email protected]] > Sent: Friday, November 15, 2013 6:30 PM > To: [email protected] > Subject: RE: [cas-user] ClearPass with Load-Balanced CAS > > Lets remove other variables: what happens when you test without the salt and > the secret key from all nodes, relying on the defaults? > > > -----Original Message----- > > From: St Laurent, Mark [mailto:[email protected]] > > Sent: Friday, November 15, 2013 1:23 PM > > To: [email protected] > > Subject: RE: [cas-user] ClearPass with Load-Balanced CAS > > > > Yes, there are only two hosts in the cluster and their clearpass- > > configuration.xml files are identical. > > > > ---------------------------------- > > Mark St. Laurent > > Web Systems Administrator > > Yavapai College > > (928) 717-7654 > > http://www.yc.edu > > > > -----Original Message----- > > From: Marvin Addison [mailto:[email protected]] > > Sent: Friday, November 15, 2013 12:00 PM > > To: [email protected] > > Subject: Re: [cas-user] ClearPass with Load-Balanced CAS > > > > > I added the exception stack to the gist. > > > > Root cause: javax.crypto.BadPaddingException: Given final block not > properly > > padded > > > > I believe you can get that failure mode when attempting to decrypt > ciphertext > > with the wrong key. I'm certain it could happen in the case of data > > truncation, but that's seems less likely that a deployment problem. > Since > > this is a clustered situation, I would think "wrong key" is a more > likely > > cause. Did you take care to sync the one and only key to all hosts in > the > > cluster? > > > > M > > > > -- > > You are currently subscribed to [email protected] as: > > [email protected] To unsubscribe, change settings or access > archives, see > > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > -- > > You are currently subscribed to [email protected] as: > > [email protected] To unsubscribe, change settings or access > > archives, > see > > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- > You are currently subscribed to [email protected] as: > [email protected] To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
