dhis2-devs-core team mailing list archive

[Stian Sandvold <stian.sandvold@xxxxxxxxx>]

Change in encryption algorithm will cause some problems for some people. if
you encounter an exception in the ConfigurationPopulator startuproutine,
the following SQL will remove your smtp and remote server passwords,
allowing the startuproutine to run as usual.

SQL: "UPDATE configuration SET remotepassword = null, smtppassword = null"


Why did this happen?

JVM only supports keysizes up to 128bit, and the algorithm introduced not
long ago, used AES-256bit. As a result, people without a special JCE would
not be able to encrypt and decrypt data. The solution was to use AES-128
bit instead, but this will cause problems if the data is already encrypted
with AES256 (As they don't consume and produce the same input\output).


It seems that some problems still persists after this, so changing remote
server and smtp passwords will be unavailable for most people until
resolved! Everything else should be working fine - if not, let me know!

- Stian