Why is Decrypt/Encrypt API failing and/or security screen is blank

David Xu
2019-01-21 23:35

Subject 

Decrypt/Encrypt API failing and/or security screen is blank

Description

This issue can be caused by a user attribute (password, property, etc) that starts with ‘AM6J’ or contains spaces.  This will interfere with artifactory’s encryption mechanism. 
One symptom is in an encrypted security.xml there is value that is a different length from the others 

Resolution

This issue is fixed in Artifactory 5.8.4 and above. An upgrade is recommended to permanently address the issue.

If this issue is encountered in a lower version, the workaround is:

  1. Delete $ART_HOME/data/.deleteForSecurityMarker on the primary node and reboot the node
  2. Run POST /api/system/decrypt
  3. Run POST /api/system/security
  4. Compare the contents of the exported security descriptor to your Source instance
    1. Note any non-ascii characters, as those can interfere with the export process
    2. Also note any usernames, passwords or properties that start with AM6J
  5. Encrypt the source artifactory again using POST /api/system/encrypt

If there are no errors, we can use this xml to populate your source.  To do this.

  1. Rename security.xml to security.import.xml
  2. Decrypt Artifactory using POST /api/system/decrypt
  3. Move security.import.xml to the $ART_HOME/etc directory
  4. Restart the target node
  5. Encrypt the target using POST /api/system/encrypt