Issue(s)
You find the following error in the Authentication Service log, or any other log file:
Padding is invalid and cannot be removed.
Cause(s)
The CoreOne Authentication Services - and other components - stores certain values encrypted in the database. The service tries to de-crypt the value and has an error.
The stored value is corrupt. This can have multiple causes:
As described in https://itsense.atlassian.net/l/cp/Nb7xfXaq, a windows in place upgrade changed the machine key (more likely in the application service)
A data restore, transfer or manual mutation corrupted the entry
Solution
Depending on what value was corrupted, you can either enter the value again in the Admin UI or try a specific fix:
Signing Certificates
If the entries in table
servicecorelogin_service_provider_signing_certificates
are corrupted, you can truncate the tableEach time the certificates are requested, they are regenerated from the configured certificate from the
servicecorelogin_service_provider
table