Linux VDA registration fails with "Cannot encrypt data"
Article ID: CTX233550
Updated On:
Description
When trying to register Ubuntu machines to XenDesktop Controller, it is failing with the following error
2018-03-09 16:07:43.736 [ERROR] [33] - RegistrationManager.AttemptRegistrationWithSingleDdc: Failed to register with http://x.x.x.x.x:80/Citrix/CdsController/IRegistrar. Error: Cannot encrypt data
Resolution
Uninstall the java libraries installed by Logstash and install the default openjdk libraries.
Logstash software changed the default java libraries from the Base OS. Strict restriction with Java libraries installed as part of the Logstash software
Problem Cause
Caused by the change in the default java libraries version from the Base Operating system.Logstash software changed the default java libraries from the Base OS. Strict restriction with Java libraries installed as part of the Logstash software
Additional Information
Following exception can be seen after enabling verbose VDA logs.
2018-03-09 16:07:43.737 [DEBUG] [33] - Exception: javax.xml.ws.soap.SOAPFaultException: Cannot encrypt data at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:158) at com.sun.proxy.$Proxy41.register(Unknown Source) at com.citrix.cds.brokeragent.RegistrationManager.attemptRegistrationWithSingleDdc(RegistrationManager.java:1458) at com.citrix.cds.brokeragent.RegistrationManager.attemptRegistrationWithMulipleDdcs(RegistrationManager.java:1344) at com.citrix.cds.brokeragent.RegistrationManager.attemptRegistration(RegistrationManager.java:1036) at com.citrix.cds.brokeragent.RegistrationManager.access$200(RegistrationManager.java:98) at com.citrix.cds.brokeragent.RegistrationManager$3.run(RegistrationManager.java:404) at java.lang.Thread.run(Thread.java:748) Caused by: org.apache.cxf.ws.policy.PolicyException: Cannot encrypt data at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:294) at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:501) at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryption(SymmetricBindingHandler.java:518) at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:391) at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:124) at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:173) at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:90) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335) at org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:855) at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:62) at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:56) at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:52) at org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInterceptor.issueToken(SecureConversationOutInterceptor.java:195) at org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInterceptor.handleMessage(SecureConversationOutInterceptor.java:77) at org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInterceptor.handleMessage(SecureConversationOutInterceptor.java:48) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:136) ... 7 more Caused by: org.apache.ws.security.WSSecurityException: Cannot encrypt data at org.apache.ws.security.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:493) at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:406) at org.apache.ws.security.message.WSSecDKEncrypt.encryptForExternalRef(WSSecDKEncrypt.java:120) at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:492) ... 31 more Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default parameters Original Exception was java.security.InvalidKeyException: Illegal key size or default parameters at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1156) at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1093) at org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:867) at org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:997) at org.apache.ws.security.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:490) ... 34 more Caused by: java.security.InvalidKeyException: Illegal key size or default parameters at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1026) at javax.crypto.Cipher.implInit(Cipher.java:801) at javax.crypto.Cipher.chooseProvider(Cipher.java:864) at javax.crypto.Cipher.init(Cipher.java:1249) at javax.crypto.Cipher.init(Cipher.java:1186) at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1153) ... 38 more
Was this article helpful?
Yes
No
Powered by
