If I'm bored/free one day, I'll crack open the source code and review what variables are considered during the encryption. One thing for sure I assume because the encryption of the password is subjected to the boot properties. Perhaps IP is incorporated in this also, hence why this error occurred once the virtual server was altered

This time, during the upgrade the startup of the services would work as expected, though the bounce of these services once the server was moved and the IP was altered, I would receive an Unexpected character ('¾' (code 190)): expected a valid value Just like everyone would, I gathered the stack trace from the log file and search for hints to what the issue could be. Ironically, I came across my own blog, OpenIDM Issue - javax.crypto.BadPaddingException: Given final block not properly padded, which stated that you would then need to populate a new cryptographic string to then populate that within the internal user database. I noticed a cryptographic discrepancy during the upgrade also, of which the upgrade was migrated into a separate environment

Then I decided that the keystore etc. is likely to be the cause. I would then use the existing truststore and keystore and I would get a different response when bouncing the services. This tells me that the keystore within the security repository is likely to be the issue. The best solution to resolve the same issue during the upgrade was to execute and re-create the encrypted password for the openidm-admin user by running the cli.bat command as highlighted within the previous blog. This solution was not possible with this similar situation.

I experienced an error stating that org.forgerock.json.JsonException: org.forgerock.json.crypto.JsonCryptoException: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('¾' (code 190)): expected a valid value (number, String, array, object, 'true', 'false' or 'null'). From the gist, the full stack trace was as follows: The best resolution to avoid the 'org.forgerock.json.JsonException: org.forgerock.json.crypto.JsonCryptoException: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('¾' (code 190)): expected a valid value (number, String, array, object, 'true', 'false' or 'null').' error was to use the OOTB keystore/truststore and not to migrate over the old versions.

Altering the truststore, relam.properties, and keystore.jceks files from the original installation it would resolve the Unexpected character error though it would return to the javax.crypto.BadPaddingException: Given final block not properly padded error error again The partical stack trace was a follows:
Caused by: org.forgerock.json.crypto.JsonCryptoException: javax.crypto.BadPaddingException: Given final block not properly padded
at org.forgerock.json.crypto.simple.SimpleDecryptor.decrypt(SimpleDecryptor.java:92)
at org.forgerock.json.crypto.JsonCryptoTransformer.transform(JsonCryptoTransformer.java:50)
... 76 more
Caused by: javax.crypto.BadPaddingException: Given final block not properly padded

The full stack trace would be as follows:

I did however notice a few gotchas in my previous blog to resolve this error. Firstly, I needed to make sure that the update is all one line and the only gap is " : ". Ensuring that the crypto value was all on one line also (and not just a copy and page into the SQL querying tool also helped. Making sure the boot.properties file resides within the default directory also. During the startup of openIDM, the parameter -p will then look at another location. (untitled 2). When you executed the cli.bat, it would puck up the default location. Once these two minor changes were made, I was back to normal!

Comments below are always welcomed!

About the author