Some users may experience issues accessing the case portal. For more information, please click here.

This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Known Issue: FNMSAPPortalKey symmetric key in the compliance database uses TRIPLE_DES algorithm (IOJ-2189563)

Known Issue: FNMSAPPortalKey symmetric key in the compliance database uses TRIPLE_DES algorithm (IOJ-2189563)

Summary

The FNMSAPPortalKey symmetric key configured in the compliance database uses TRIPLE_DES algorithm.

Use of this algorithm may cause errors when the compliance database is hosted on SQL Server 2016 or later, and the compatibility level is set to 130 or higher. The TRIPLE_DES algorithm may also be considered insecure, and inappropriate for encrypting database symmetric keys.

Details

As per information on the following page, the TRIPLE_DES algorithm is not supported on SQL Server 2016 or later unless the database compatibility level is set to 120 or lower: Choose an Encryption Algorithm

If the FlexNet Manager Suite compliance database is hosted on SQL Server 2016 or later that is configured to use a newer compatibility level, then errors may occur when using various SAP-related functionality in FlexNet Manager Suite. For example, attempting to create a new SAP system in the web UI may fail with the following error:

A Problem Occurred

FlexNet Manager Platform detected a problem and could not complete your request. Please refresh the page to try again or contact your IT Administrator for assistance.

Troubleshooting

Additional information about the "A Problem Occurred" error can be obtained by configuring the following registry entries under the key HKLM\SOFTWARE\Wow6432Node\ManageSoft Corp\ManageSoft\ComplianceCurrentVersion on the FlexNet Manager Suite web server:

  • DisplayInsecureErrorMessages = true
  • DisplayErrorStackTrace = true

With these entries configured, additional details including the following will be shown in the error message:

DevExpress.Xpo.DB.Exceptions.SqlExecutionErrorException: Executing Sql 'CLOSE SYMMETRIC KEY FNMSAPPortalKey' with parameters '' exception 'System.Data.SqlClient.SqlException (0x80131904): Cannot find the symmetric key 'FNMSAPPortalKey', because it does not exist or you do not have permission.
[...]
   at ManageSoft.Compliance.Database.Impl.ComplianceDataEncryption.EncryptString(String p_Value)
   at ManageSoft.Compliance.Portal.Logic.Impl.SapService.SAPSystemPropertiesSave(PropertyChangeSet p_ChangeSet, IDValueInfoCollection p_RemoteSystems, IDValueInfoCollection p_SAPUserAccounts)

Workaround

To avoid errors due to the use of the TRIPLE_DES algorithm, configure the compatibility level of the compliance database to 120 (SQL Server 2014) when it is hosted on SQL Server 2016 or later.

Fix details

This issue has been addressed by changing the symmetric key to be created using the AES_256 algorithm.

Fix status

This issue has been fixed in the following FlexNet Manager Suite releases: 2021 R1.4 / Mar 2022 (Cloud), 2022 R1 (On Premises)

Other information

Affected components: Database, SAM for SAP, Security

Master issue ID: IOJ-2189563

Also known as: FNML-73505

Labels (1)
Labels:
Was this article helpful? Yes No
0 247

Tip: If you have been impacted by this issue, please click the KUDOS button above. This helps to track the relative significance and importance of issues. Clicking on an option against "Was this article helpful?" also helps assess and improve the usefulness of content.

No ratings
Version history
Last update:
‎Jun 12, 2022 03:49 AM
Updated by:
Community Manager Community Manager