How to change R12 behavior when a empty persistent key is present in the key store?

Document ID : KB000050872
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

In 6x version of SiteMinder, if the policy server is not able to decrypt the persistent key using the policy store key, it will use empty persistent key to encrypt the data and will not fire an error message. An additional check has been added to the R12 version and it will return an error if it fails to decrypt the persistent key.

[ERROR] Failed to decrypt persistent key

Solution:

In order to get the R6 like functionality in R6 i.e. Policy Server should allow using the empty persistent key a Registry Key has been introduced.

If this registry key is set, no check will occur and 6.x functionality will be maintained.
REGISTRY KEY:
HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\ObjectStore
DWORD key: AllowEmptyEncKey
Value: 1