How to reset the truststore in AEM

Description

Unable to retrieve truststore errors are seen in the log.



> 04.04.2017 11:39:30.150 *ERROR* 192.150.9.201 1491320370146 GET ``/libs/granite/security/truststore``.json HTTP``/1``.1 com.adobe.granite.security.user.internal.servlets.KeyStoreManagingServlet Unable to retrieve the truststore's aliases.
>
> java.lang.SecurityException: com.adobe.granite.crypto.CryptoException: Cannot convert byte data
>
>     ``at com.adobe.granite.keystore.internal.KeyStoreServiceImpl.extractStorePassword(KeyStoreServiceImpl.java:609)
>
>     ``at com.adobe.granite.keystore.internal.KeyStoreServiceImpl.internalGetTrustStore(KeyStoreServiceImpl.java:462)
>
>     ``at com.adobe.granite.keystore.internal.KeyStoreServiceImpl.getTrustStore(KeyStoreServiceImpl.java:154)
>
>     ``at com.adobe.granite.security.user.internal.servlets.KeyStoreManagingServlet.doGet(KeyStoreManagingServlet.java:154)
>
>     ``at org.apache.sling.api.servlets.SlingSafeMethodsServlet.mayService(SlingSafeMethodsServlet.java:269)
>
>     ``...
>
>     ``at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
>
>     ``at java.lang.Thread.run(Thread.java:745)
>
> Caused by: com.adobe.granite.crypto.CryptoException: Cannot convert byte data
>
>     ``at com.adobe.granite.crypto.internal.CryptoSupportImpl.unprotect(CryptoSupportImpl.java:160)
>
>     ``at com.adobe.granite.keystore.internal.KeyStoreServiceImpl.extractStorePassword(KeyStoreServiceImpl.java:601)
>
>     ``... 110 common frames omitted
>
> Caused by: com.adobe.granite.crypto.CryptoException: Failed decrypting cipher text
>
>     ``at com.adobe.granite.crypto.internal.CryptoSupportImpl.decrypt(CryptoSupportImpl.java:96)
>
>     ``at com.adobe.granite.crypto.internal.CryptoSupportImpl.unprotect(CryptoSupportImpl.java:157)
>
>     ``... 111 common frames omitted
>
> Caused by: com.rsa.jsafe.JSAFE_PaddingException: Invalid padding.
>
>     ``at com.rsa.jsafe.JSAFE_SymmetricCipher.decryptFinal(Unknown Source)
>
>     ``at com.adobe.granite.crypto.internal.jsafe.JSafeCryptoSupport.getPlainText(JSafeCryptoSupport.java:325)
>
>     ``at com.adobe.granite.crypto.internal.jsafe.JSafeCryptoSupport.getPlainText(JSafeCryptoSupport.java:307)
>
>     ``at com.adobe.granite.crypto.internal.CryptoSupportImpl.decrypt(CryptoSupportImpl.java:94)
>
>     ``... 112 common frames omitted

Environment

AEM 6.4,6.5

Cause

Corruption in the truststore.

Resolution

  1. Open CRX/DE as an admin user.

  2. Delete the node /etc/truststore/truststore.p12.

  3. Click Save All.

  4. Recreate the truststore as per instructions below:

AEM 6.4

AEM 6.5

On this page

Adobe Summit Banner

A virtual event April 27-28.

Expand your skills and get inspired.

Register for free
Adobe Summit Banner

A virtual event April 27-28.

Expand your skills and get inspired.

Register for free