Hi Quentin, I've encountered similar errors in the past when trying to change the encryption algorithm.
Here are two things that may help: 1. The password/key needs to be at least 12 characters long before you migrate to NIFI_PBKDF2_AES_GCM_256. If it is not, you have to first change the password to something long enough with the old algorithm in place. If your key is blank, you may have to enter the old default value first: nififtw! 2. The command to migrate key algorithm does not support an encrypted configuration file. If you have the key encrypted you should replace it with the unencrypted version, clear the property ...sensitivekey.protected=... and then migrate. After that you can re-encrypt the configuration using the nifi toolkit again. Regards, Isha Van: Quentin HORNEMAN GUTTON <[email protected]> Verzonden: woensdag 13 december 2023 14:59 Aan: [email protected] Onderwerp: [NIFI 1.23.2] Insecure Cipher Provider Algorithm You don't often get email from [email protected]<mailto:[email protected]>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> Hello, I'm facing an issue after upgrading NiFi 1.13.2 to 1.23.2. I have a warn log with Insecure Cipher Provider Algorithm [PBEWITHMD5AND256BITAES-CBC-OPENSSL]. I tried to update algorithm with the set-sensitive-properties-algorithm command to NIFI_PBKDF2_AES_GCM_256 but I have an error message with < Descryption failed with algorithm > caused by < pad block corrupted >. Do you have any informations that could help me ? Best regards, Quentin HORNEMAN GUTTON
