Magnolia 6.2.37 known issues

Existing passwords created on previous versions are not working in 6.2.37

From 6.2.37, new Magnolia bundles use OAEPWithSHA3-256AndMGF1Padding by default instead of RSA/NONE/NoPadding.

There is also a new configuration property magnolia.cipher.algorithm, which enables you to specify the cipher algorithm you want to use.

There are two ways of working around this issue:

  1. If no value is set in this property, we use an RSA cipher with padding that’s set as the default in the Bouncy Castle package (PKCS#1 V1.5). The property should therefore be: magnolia.cipher.algorithm=RSA

  2. Comment out the entire property # magnolia.cipher.algorithm=RSA

If you update your webapp, including the properties file, the cipher changes and you lose any passwords created in the Password manager module, the LDAP Connector module, and potentially other places if you used it for data storage purposes in your custom code.

You must therefore re-instantiate your passwords with the new ciphers.

Workaround

Decrypt the passwords created in prior versions, and then create them again in the Password app (6.2.37) by using the following script:

decrypt-password-script.xml
import info.magnolia.keystore.registry.PasswordRegistry;

passwordId = "HERE_THE_PASSWORD_ID";

pwdReg = info.magnolia.objectfactory.Components.getComponent(info.magnolia.keystore.registry.PasswordRegistry);

password = pwdReg.getPassword(passwordId).getDecryptedValue();

println "Password is " + password;
Feedback

DX Core

×

Location

This widget lets you know where you are on the docs site.

You are currently perusing through the DX Core docs.

Main doc sections

DX Core Headless PaaS Legacy Cloud Incubator modules