Tech Tip : CA Single Sign-On : Policy Server :: The Last Key decoded to Null from the Keystore

Discussion created by Patrick-Dussault Employee on Jul 6, 2017



We're running several Policy Servers in Production. After changing the Encryption Key, one of the Policy Servers started suddenly to give errors in the smps.log :

[ERROR] The last key decoded to null from the keystore

[ERROR] Failed to generate agent key update commands

How can we solve this problem ?




The Reason for these error messages is that the Encryption Key isn't the same across Policy Servers in your environment.




To resolve this issue, choose one of the following:

From SMCONSOLE -> Keys tab:


- Select Encrypt Keys Using Policy Store Encryption Key




- Uncheck "Encrypt Keys Using Policy Store Encryption Key"

and set the Policy Store key and manually enter the value in the two dialog boxes


Make sure that all Policy Servers are configured the same way in your Environment.


KB : TEC565906