Faiure in decryption

meenalochani · April 26, 2007, 10:57pm

Partner sends signed and Encrypted EDIINT. But TN at my side detects only as encrypted data and fails to decrypt. Partners encrypt using our publickey and signs using their key. Partner profile is setup properly at my side. Client certificate association is also set in Administrator. Below is the error.
I tried reloading the certificates but still the problem persist. Any suggestions please?

wm.tn.mime:processEncryptedData com.wm.app.tn.err.EXMLException: Unable to decrypt data. iaik.pkcs.PKCSException javax.crypto.BadPaddingException: Unknown blocktype ! iaik.pkcs.PKCSException: javax.crypto.BadPaddingException: Unknown blocktype ! at iaik.pkcs.pkcs7.RecipientInfo.decryptKey(Unknown Source) at com.wm.app.tn.mime.SharedDecryptionStream.getSrc(SharedDecryptionStream.java:97) at com.wm.app.tn.mime.SharedDecryptionStream.(SharedDecryptionStream.java:48) at com.wm.app.tn.mime.SharedDecryptionStream.(SharedDecryptionStream.java:36) at com.wm.app.tn.mime.SMime.processEncryptedData(SMime.java:1177) at wm.tn.mime.processEncryptedData(mime.java:370) at sun.reflect.GeneratedMethodAccessor208.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at com.wm.ap

Thanks,
Meena

ylo · April 27, 2007, 12:22am

You may not have set up the security for your TN profile and your partner’s TN profile correctly. Refer to p.34 of the webMethods_EDIINT_Module_Users_Guide_6.5.pdf document on how to properly set the digital certs in TN.

Hope this helps.

-Yang Lo

meenalochani · April 27, 2007, 12:31am

We are currently on WM6.1 SP2 and I did the setup in the security tab for both enetrprise and partner as per document. Partner is using self signed certificate. Any other suggestions?

Thanks,
Meena

Guest · April 28, 2007, 2:35am

With a self-signed certificate the provider is basically acting as their own certification authority so a copy of the certificate should be added to the trusted root directory on the server. I believe the IS also needs to be restarted after a new CA cert is added. HTH,

Tim

meenalochani · May 2, 2007, 11:07pm

Yes, we did setup all these correct and we were receiving this error. But we somehow got it rectified. We had Rossetanet6.1SP1 in our environment and we saw some errors ebing generated beacuse of this in the error log. So we cleared the repo server and backed out RN6.1 and it started working.Then we installed RN6.1 and even then it is working. Not sure what the exact problem is but if you guys face such problem give a try like this.

Thanks,
Meena