Quote Originally Posted by edmaa View Post
On 10-05-2019 4:44 AM, kjhurni wrote:
>
> I'm seeing this on my LAG (in the Admin Console shows "server is not
> reporting", which usually means a jcc problem).
>
> jcc log shows:
>
>
> Code:
> --------------------
> May 07, 2019 1:12:53 PM com.novell.jcc.server.JCCServerImpl H
> INFO: Starting JCC Server
> May 07, 2019 1:12:55 PM com.novell.jcc.util.JCCUtils logSevere
> SEVERE: AM#100706017: Exception - delete admin info failed
> com.novell.jcc.server.JCCServerImpl B
> Given final block not properly padded
> javax.crypto.BadPaddingException: Given final block not properly padded
> at com.sun.crypto.provider.CipherCore.doFinal(CipherC ore.java:989)
> at com.sun.crypto.provider.CipherCore.doFinal(CipherC ore.java:845)
> at com.sun.crypto.provider.AESCipher.engineDoFinal(AE SCipher.java:446)
> at javax.crypto.Cipher.doFinal(Cipher.java:2165)
> at com.novell.jcc.sockets.CipherSocketUtils.decryptDa ta(y:492)
> at com.novell.jcc.server.JCCServerImpl.B(y:3088)
> at com.novell.jcc.server.JCCServerImpl.A(y:961)
> at com.novell.jcc.server.JCCServerImpl.H(y:751)
> at com.novell.jcc.server.JCCServerImpl.main(y:2294)
>
> May 07, 2019 1:12:55 PM com.novell.jcc.util.JCCSettings A
> INFO: Current settings
> rmiPort: 1197
> localMgmtPort: 1443
> localMgmtIP: 10.10.179.202
> remoteMgmtPort: 8444
> remoteMgmtIP: [10.10.109.200]
> jccProxyPort: 2483
> agProxyPort: 444
> sslvpnProxyPort: 3423
> healthFreq: 300
> statsFreq: 300
> remoteMgmtIPFreq: 3600
> externTomcatDir: /opt/novell/nam/mag
> secure: true
> --------------------
>
>
> I've tried re-pushing the config to no avail.
> IDP is up and running just fine


Have you tried simply restarting the jcc service? From memory, with these errors, reimporting the device is pretty much the only option.

> IDP and AG use the same GeoTrust Wildcard SSL cert, so I know the cert
> itself is fine. (and was working until recently)


The device manager stuff uses internal certs so thats not an issue there.


> AG 4.3.2.0-15
>
>



--
Cheers,
Edward
Thanks Edward.

Yes, restarted jcc (and the appliance) multiple times to no avail.

I'm trying to remember, but when doing the jcc-reimport (I think that's the name of the script, will have to dig through some really really old emails), does one also have to whack the AG device from the Admin Console?