Magnolia 6.2.37 known issues
From 6.2.37, new Magnolia bundles use
OAEPWithSHA3-256AndMGF1Padding by default instead of
There is also a new configuration property
magnolia.cipher.algorithm, which enables you to specify the cipher algorithm you want to use.
There are two ways of working around this issue:
If no value is set in this property, we use an RSA cipher with padding that is set as default in the Bouncy Castle package (PKCS#1
V1.5). The property should therefore be:
Comment out the entire property
If you update your webapp, including the properties file, the cipher changes and you lose any passwords created in the Password manager module, the LDAP Connector module, and potentially other places if you used it for data storage purposes in your custom code.
You must therefore re-instantiate your passwords with the new ciphers.
Decrypt the passwords created in prior versions, and then create them again in the Password app (
6.2.37) by using the following script:
import info.magnolia.keystore.registry.PasswordRegistry; passwordId = "HERE_THE_PASSWORD_ID"; pwdReg = info.magnolia.objectfactory.Components.getComponent(info.magnolia.keystore.registry.PasswordRegistry); password = pwdReg.getPassword(passwordId).getDecryptedValue(); println "Password is " + password;