Invalid secret key requires JCE encryption libraries
Abiquo installations running Oracle Java use the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy. If the correct JCE jars are not available, Abiquo will not be able to communicate correctly with hypervisors, storage devices, and cloud providers. In this case you may see errors in the UI and errors in /opt/abiquo./tomcat/logs/catalina.out such as Unable to initialize due to invalid secret key
When to install
When to install the JCE libraries:
During the OVA deploy if the VM did not have internet access, or access to the DNS server
If the JCE libraries have "gone missing" perhaps during a system upgrade process.
Install process
The install process is to obtain the Oracle Java Cryptography Extension (JCE) 8 from here: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html.
After you log in, you can download the file jce_policy-8.zip.
Extract the content and place it in $JAVA_HOME/jre/lib/security. Note that you may need to first install unzip from the Abiquo repo (yum install unzip).
Quick install
To install quickly and automatically accept the Oracle JCE license, use these combined commands as root user:
wget --no-check-certificate --no-cookies --header "Cookie: oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jce/8/jce_policy-8.zip -O /tmp/JCE.zip && unzip /tmp/JCE.zip -d /tmp
mv /tmp/UnlimitedJCEPolicyJDK8/*.jar /usr/java/default/jre/lib/security/Check the install
You can check if JCE libraries have been updated by checking the md5sum.
# md5sum /usr/java/default/jre/lib/security/*.jar
dabfcb23d7bf9bf5a201c3f6ea9bfb2c /usr/java/default/jre/lib/security/local_policy.jar
ef6e8eae7d1876d7f05d765d2c2e0529 /usr/java/default/jre/lib/security/US_export_policy.jarCopyright © 2006-2024, Abiquo Holdings SL. All rights reserved