PaulCa Posted March 2, 2020 Share Posted March 2, 2020 I am currently unable to send Self Destruct messages, each time I try I receive "Error 400 Bad Request". When I check the log files in the selfdestruct folder I get the following message: 3/2/2020 10:58:15 AM - An error has occurred with a POST request to the SelfDestruct Controller. Error = Specified key is not a valid size for this algorithm.&stacktrace= at System.Security.Cryptography.SymmetricAlgorithm.set_Key(Byte[] value) at PasswordstateSelfDestruct.Passwordstate.Crypto.AES_Decrypt(Byte[] myByte) at PasswordstateSelfDestruct.Controllers.SelfDestructController.Post(SelfDestructPost NewSelfDestructMessage) I have tried restarting the PasswordState service on the web server but this has not resolved the issue. Link to comment Share on other sites More sharing options...
support Posted March 2, 2020 Share Posted March 2, 2020 Hello Paul, It sounds like the encryption key has not been written corrctly to a file, possible due to NTFS permission issues. Can you take the encryption key you see in the screenshot below, and add/edit it in the file C:\inetpub\Passwordstate\selfdestruct\web.config in the "key" section within AppSettings - does this help? Regards Click Studios Link to comment Share on other sites More sharing options...
PaulCa Posted March 3, 2020 Author Share Posted March 3, 2020 Perfect that has resolved the issue, thank you. To preemptively fix any possible issue like this occurring again what should the NTFS permissions be on this file and is there something I can do to fix the NTFS permissions on the whole install? Our install of PasswordState has been moved between servers and I believe this is where this permissions issue has stemmed from. Link to comment Share on other sites More sharing options...
support Posted March 3, 2020 Share Posted March 3, 2020 Hi Paul, By default, the entire Passwordstate folder should have Modify NTFS permissions for the NETWORK SERVICE account - this is what we set it to during the install. If you have modified the Application Pools in IIS at all, to use a Managed Service Account, then this account would need access. Regards Click Studios Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now