Unexpected character ('¾' (code 190)): expected a valid value

Unexpected character occurred when the IP addresses changes and the virtual instance was migrated into a separate network subnet.
June 25, 2017
ForgeRock-OpenIDMOpenIDMIDMKeystore
E_WARNING Error in file posts.php at line 313: fopen(http://www.technicalconfessions.com/images/postimages/postIcons/pp444.png): failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found E_WARNING Error in file posts.php at line 313: fclose() expects parameter 1 to be resource, boolean given

If I'm bored/free one day, I'll crack open the source code and review what variables are considered during the encryption. One thing for sure I assume because the encryption of the password is subjected to the boot properties. Perhaps IP is incorporated in this also, hence why this error occurred once the virtual server was altered

This time, during the upgrade the startup of the services would work as expected, though the bounce of these services once the server was moved and the IP was altered, I would receive an Unexpected character ('¾' (code 190)): expected a valid value Just like everyone would, I gathered the stack trace from the log file and search for hints to what the issue could be. Ironically, I came across my own blog, OpenIDM Issue - javax.crypto.BadPaddingException: Given final block not properly padded, which stated that you would then need to populate a new cryptographic string to then populate that within the internal user database. I noticed a cryptographic discrepancy during the upgrade also, of which the upgrade was migrated into a separate environment


SOLUTION

Then I decided that the keystore etc. is likely to be the cause. I would then use the existing truststore and keystore and I would get a different response when bouncing the services. This tells me that the keystore within the security repository is likely to be the issue. The best solution to resolve the same issue during the upgrade was to execute and re-create the encrypted password for the openidm-admin user by running the cli.bat command as highlighted within the previous blog. This solution was not possible with this similar situation.

I experienced an error stating that org.forgerock.json.JsonException: org.forgerock.json.crypto.JsonCryptoException: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('¾' (code 190)): expected a valid value (number, String, array, object, 'true', 'false' or 'null'). From the gist, the full stack trace was as follows: The best resolution to avoid the 'org.forgerock.json.JsonException: org.forgerock.json.crypto.JsonCryptoException: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('¾' (code 190)): expected a valid value (number, String, array, object, 'true', 'false' or 'null').' error was to use the OOTB keystore/truststore and not to migrate over the old versions.

Altering the truststore, relam.properties, and keystore.jceks files from the original installation it would resolve the Unexpected character error though it would return to the javax.crypto.BadPaddingException: Given final block not properly padded error error again The partical stack trace was a follows:
Caused by: org.forgerock.json.crypto.JsonCryptoException: javax.crypto.BadPaddingException: Given final block not properly padded
at org.forgerock.json.crypto.simple.SimpleDecryptor.decrypt(SimpleDecryptor.java:92)
at org.forgerock.json.crypto.JsonCryptoTransformer.transform(JsonCryptoTransformer.java:50)
... 76 more
Caused by: javax.crypto.BadPaddingException: Given final block not properly padded

The full stack trace would be as follows:

I did however notice a few gotchas in my previous blog to resolve this error. Firstly, I needed to make sure that the update is all one line and the only gap is " : ". Ensuring that the crypto value was all on one line also (and not just a copy and page into the SQL querying tool also helped. Making sure the boot.properties file resides within the default directory also. During the startup of openIDM, the parameter -p will then look at another location. (untitled 2). When you executed the cli.bat, it would puck up the default location. Once these two minor changes were made, I was back to normal!

Comments below are always welcomed!

About the author

Daniel is a Technical Manager with over 10 years of consulting expertise in the Identity and Access Management space.
Daniel has built from scratch this blog as well as technicalconfessions.com
Follow Daniel on twitter @nervouswiggles

Comments

Other Posts

ForgeRock IDM - org.forgerock.script.exception.ScriptCompilationException: missing ; before statemen

OpenIDMsync.confForgeRock

September 17, 2017
Created by: Daniel Redfern
ForgeRock IDM - org.forgerock.script.exception.ScriptCompilationException: missing ; before statement
Read More...

Caused by: org.forgerock.json.resource.BadRequestException: Target does not support attribute groups

OpenIDMForgeRockICFConnector

September 17, 2017
Created by: Daniel Redfern
When performing the attempt of a reconciliation from ForgeRock IDM to Active Directory, I would get the following error
Read More...

ForgeRock OpenIDM - InvalidCredentialException: Remote framework key is invalid

OpenIDMForgeRockICFConnectorAD

September 17, 2017
Created by: Daniel Redfern
In the past, the similar error occurred though for the Oracle Identity Management solution. invalidcredentialexception remote framework key is invalid Because they all share the ICF connector framework, the error/solution would be the same.
Read More...

ERROR Caused by com.google.api.client.auth.oauth2.TokenResponseException 400 Bad Request - invalid_g

OpenIDMIDMGoogleGoogle-AppsICFreconciliation

September 12, 2017
Created by: Daniel Redfern
During the reconcilation from OpenIDM to the ICF google apps connector, the following error response would occur. ERROR Caused by com.google.api.client.auth.oauth2.TokenResponseException 400 Bad Request - invalid_grant
Read More...

forgerock-openidm-encryptedjwt-error

OpenIDMIDMForgeRockJWTIAM

August 29, 2017
Created by: Daniel Redfern
Received the JWT error
Read More...

Unexpected character ('¾' (code 190)): expected a valid value

ForgeRock-OpenIDMOpenIDMIDMKeystore

June 25, 2017
Created by: Daniel Redfern
Unexpected character occurred when the IP addresses changes and the virtual instance was migrated into a separate network subnet.
Read More...
E_WARNING Error in file posts.php at line 464: fopen(http://www.technicalconfessions.com/images/postimages/postIcons/pp444.png): failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found E_WARNING Error in file posts.php at line 464: fclose() expects parameter 1 to be resource, boolean given

OpenDJ Error - Connect Error Result Code: 91 (Connect Error)

OpenDJLDAPldapsearchForgeRock

June 5, 2017
Created by: Daniel Redfern
When trying to connect, I would then receive the following error "Connect Error Result Code: 91 (Connect Error)"
Read More...

Tomcat NioEndpoint$SocketProcessor.doRun java.lang.NullPointerException error

TomcatJava-8PKICAS

June 5, 2017
Created by: Daniel Redfern
When initiating the Tomcat instance, the cas-stderr log file will log a SEVERE error logging multiple times every few seconds
Read More...

IDM ERROR - JDBC repository configured but datasource default was not found

ForgeRockIDMJDBC

May 23, 2017
Created by: Daniel Redfern
IDM ERROR - JDBC repository configured but datasource default was not found
Read More...

OpenIDM Issue - javax.crypto.BadPaddingException: Given final block not properly padded

OpenIDMIDMForgeRockcryptography

May 23, 2017
Created by: Daniel Redfern
org.forgerock.json.JsonException: org.forgerock.json.crypto.JsonCryptoException: javax.crypto.BadPaddingException: Given final block not properly padded
Read More...