OPSS - The odi_credtool Script Fails With Error JPS-06519: Failed to get/set credential with map fks and key master.key.0.base64 in bootstrap credstore. Reason null

(Doc ID 2172254.1)

Last updated on AUGUST 31, 2016

Applies to:

Oracle Platform Security for Java - Version 12.1.2.0.0 and later
Information in this document applies to any platform.

Symptoms

On OPSS 12c version,from ODI

Unable run odi_credtool script. 

The script fails with error:

WARNING: Opening of file based keystore failed. Reason :
oracle.security.jps.service.keystore.KeyStoreServiceException: JPS-06519: Failedto get/set credential with map fks and key master.key.0.base64 in bootstrap credstore. Reason oracle.security.jps.service.keystore.KeyStoreServiceException: JPS-06519: Failed to get/set credential with map fks and key master.key.0.base64 in bootstrap credstore. Reason null

at oracle.security.jps.internal.keystore.util.CryptoUtil.decodeAliasWithEncryptedContent(CryptoUtil.java:584)
at oracle.security.jps.internal.keystore.util.CryptoUtil.decryptPrivateKey(CryptoUtil.java:766)
at oracle.security.jps.internal.keystore.config.jaxb.adapters.PrivateKeyAdapter.unmarshal(PrivateKeyAdapter.java:63)
at oracle.security.jps.internal.keystore.config.jaxb.KeyPair.retrievePrivateKey(KeyPair.java:105)
at oracle.security.jps.internal.keystore.util.KeyStoreServiceUtil.getDemoCAKey(KeyStoreServiceUtil.java:641)
at oracle.security.jps.internal.keystore.util.KeyStoreServiceUtil.getDemoCAKey(KeyStoreServiceUtil.java:613)
at oracle.security.jps.internal.keystore.file.FileKeyStoreManager.openKeyStore(FileKeyStoreManager.java:451)
at oracle.security.jps.internal.keystore.file.FileKeyStoreManager.openKeyStore(FileKeyStoreManager.java:403)
at oracle.security.jps.internal.keystore.file.FileKeyStoreServiceImpl.doInit(FileKeyStoreServiceImpl.java:144)
at oracle.security.jps.internal.keystore.file.FileKeyStoreServiceImpl.start(FileKeyStoreServiceImpl.java:969)
at oracle.security.opss.internal.runtime.ServiceContextImpl.start(ServiceContextImpl.java:218)
at oracle.security.opss.internal.runtime.ServiceContextManagerImpl.createDefaultContext(ServiceContextManagerImpl.java:322)
at oracle.security.opss.internal.runtime.ServiceContextManagerImpl.initialize(ServiceContextManagerImpl.java:241)
at oracle.security.jps.internal.config.OpssCommonStartup$1.run(OpssCommonStartup.java:150)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.internal.config.OpssCommonStartup.start(OpssCommonStartup.java:134)
at oracle.security.jps.se.JpsSEStartup.start(JpsSEStartup.java:88)
at oracle.security.jps.JpsStartup.start(JpsStartup.java:215)
at oracle.odi.core.security.JPSContextCredTool.main(JPSContextCredTool.java:52)
Caused by: oracle.security.jps.service.keystore.KeyStoreServiceException: JPS-06519: Failed to get/set credential with map fks and key master.key.0.base64 in bootstrap credstore. Reason oracle.security.jps.service.keystore.KeyStoreServiceException: JPS-06519: Failed to get/set credential with map fks and key master.key.0.base64 in bootstrap credstore. Reason null
at oracle.security.jps.internal.keystore.util.KeyStoreServiceUtil.getMasterKey(KeyStoreServiceUtil.java:540)
at oracle.security.jps.internal.keystore.util.CryptoUtil$2.run(CryptoUtil.java:580)
at oracle.security.jps.internal.keystore.util.CryptoUtil$2.run(CryptoUtil.java:578)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.internal.keystore.util.CryptoUtil.decodeAliasWithEncryptedContent(CryptoUtil.java:578)
... 18 more
Caused by: oracle.security.jps.service.keystore.KeyStoreServiceException: JPS-06519: Failed to get/set credential with map fks and key master.key.0.base64 in bootstrap credstore. Reason null
at oracle.security.jps.internal.keystore.util.KeyStoreServiceUtil.getMasterKey(KeyStoreServiceUtil.java:530)
... 22 more


The issue can be reproduced at will with the following steps:Running the odi_credtool in the customer Environment.

Changes

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms