weblogic 异常 com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte.次异常怎么解决

问题

更改控制台密码后，服务重启失败，无法启动，报错如下：

<2010-12-4 下午03时10分49秒 CST> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) Client VM Version 1.4.2_08-b03 from Sun Microsystems Inc.> 
<2010-12-4 下午03时10分50秒 CST> <Info> <Configuration Management> <BEA-150016> <This server is being started as the administration server.> 
<2010-12-4 下午03时10分50秒 CST> <Info> <Management> <BEA-141107> <Version: WebLogic Server 8.1 SP5  Sat Oct 29 02:54:23 PDT 2005 663645 
WebLogic XMLX Module 8.1 SP5  Sat Oct 29 02:54:23 PDT 2005 663645 > 
<2010-12-4 下午03时10分50秒 CST> <Notice> <Management> <BEA-140005> <Loading domain configuration from configuration repository at C:\bea\user_projects\domains\mydomain\config.xml.> 
<2010-12-4 下午03时10分52秒 CST> <Notice> <Log Management> <BEA-170019> <The server log file C:\bea\user_projects\domains\mydomain\myserver\myserver.log is opened. All server side log events will be written to this file.> 
<2010-12-4 下午03时10分52秒 CST> <Error> <Management> <BEA-140001> <An error occurred while getting attribute Credential on MBean mydomain:Location=myserver,Name=mydomain,Type=EmbeddedLDAPConfig. Method: null. Exception: com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte..
com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte.
 at com.rsa.jsafe.JA_PKCS5Padding.a(Unknown Source)
 at com.rsa.jsafe.JG_BlockCipher.decryptFinal(Unknown Source)
 at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:67)
 at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:93)
 at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:56)
 at weblogic.management.EncryptionHelper.decryptString(EncryptionHelper.java:45)
 at weblogic.management.internal.DynamicMBeanImpl.getAttribute(DynamicMBeanImpl.java:625)
 at weblogic.management.internal.ConfigurationMBeanImpl.getAttribute(ConfigurationMBeanImpl.java:186)
 at com.sun.management.jmx.MBeanServerImpl.getAttribute(MBeanServerImpl.java:1183)
 at com.sun.management.jmx.MBeanServerImpl.getAttribute(MBeanServerImpl.java:1153)
 at weblogic.management.internal.RemoteMBeanServerImpl.getAttribute(RemoteMBeanServerImpl.java:288)
 at weblogic.management.internal.MBeanProxy.getAttribute(MBeanProxy.java:604)
 at weblogic.management.internal.MBeanProxy.invokeForCachingStub(MBeanProxy.java:436)
 at weblogic.management.configuration.EmbeddedLDAPMBean_Stub.getCredential(EmbeddedLDAPMBean_Stub.java:423)
 at weblogic.ldap.EmbeddedLDAP.initServerConfig(EmbeddedLDAP.java:1117)
 at weblogic.ldap.EmbeddedLDAP.initialize(EmbeddedLDAP.java:225)
 at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:815)
 at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:669)
 at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:343)
 at weblogic.Server.main(Server.java:32)
> 
<2010-12-4 下午03时10分52秒 CST> <Critical> <WebLogicServer> <BEA-000364> <Server failed during initialization. Exception:weblogic.management.ManagementRuntimeException: com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte.
weblogic.management.ManagementRuntimeException: com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte.
 at weblogic.management.configuration.EmbeddedLDAPMBean_Stub.getCredential(EmbeddedLDAPMBean_Stub.java:430)
 at weblogic.ldap.EmbeddedLDAP.initServerConfig(EmbeddedLDAP.java:1117)
 at weblogic.ldap.EmbeddedLDAP.initialize(EmbeddedLDAP.java:225)
 at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:815)
 at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:669)
 at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:343)
 at weblogic.Server.main(Server.java:32)
Caused by: com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte.
 at com.rsa.jsafe.JA_PKCS5Padding.a(Unknown Source)
 at com.rsa.jsafe.JG_BlockCipher.decryptFinal(Unknown Source)
 at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptBytes(JSafeEncryptionServiceImpl.java:67)
 at weblogic.security.internal.encryption.JSafeEncryptionServiceImpl.decryptString(JSafeEncryptionServiceImpl.java:93)
 at weblogic.security.internal.encryption.ClearOrEncryptedService.decrypt(ClearOrEncryptedService.java:56)
 at weblogic.management.EncryptionHelper.decryptString(EncryptionHelper.java:45)
 at weblogic.management.internal.DynamicMBeanImpl.getAttribute(DynamicMBeanImpl.java:625)
 at weblogic.management.internal.ConfigurationMBeanImpl.getAttribute(ConfigurationMBeanImpl.java:186)
 at com.sun.management.jmx.MBeanServerImpl.getAttribute(MBeanServerImpl.java:1183)
 at com.sun.management.jmx.MBeanServerImpl.getAttribute(MBeanServerImpl.java:1153)
 at weblogic.management.internal.RemoteMBeanServerImpl.getAttribute(RemoteMBeanServerImpl.java:288)
 at weblogic.management.internal.MBeanProxy.getAttribute(MBeanProxy.java:604)
 at weblogic.management.internal.MBeanProxy.invokeForCachingStub(MBeanProxy.java:436)
 at weblogic.management.configuration.EmbeddedLDAPMBean_Stub.getCredential(EmbeddedLDAPMBean_Stub.java:423)
 ... 6 more
> 
<2010-12-4 下午03时10分52秒 CST> <Emergency> <WebLogicServer> <BEA-000342> <Unable to initialize the server: weblogic.management.ManagementRuntimeException: com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte.> 
***************************************************************************
The WebLogic Server did not start up properly.
Exception raised: 'com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte.'
Reason: weblogic.management.ManagementRuntimeException: com.rsa.jsafe.JSAFE_PaddingException: Could not perform unpadding: invalid pad byte.
***************************************************************************

背景&分析

　　JSAFE是有RSA开发的JAVA加密解密引擎。当遇到与JSAFE相关的异常时，可以确定是加密解密出了问题。Weblogic domain中的所有密码通过SerializedSystemIni.dat中的hashes加密。可以通过这篇文章理解Weblogic怎样使用SerializedSystemIni.dat。如果在一个Weblogic domain中加密的密码被用与另一个Weblogic domain，那么加密后的密码将不能被解密并且Weblogic server不能启动。

 

解决方案

1. 使用当前domain的SerializedSystemIni.dat对密码进行加密。

2. 使用明文，再次启动的时候会自动进行加密的。

转自：http://hi.baidu.com/maydayuiui/item/574760504e2447948d12ed10