<-- Back

MendixSSO: Error while encrypting string: Cannot find any provider supporting AES/GCM/PKCS5PADDING

Issue

During the login process using the Mendix SSO solution, the user is unable to log in and gets the error message:

 Failed to initialize session

In the logs, the error message is:

ERROR - MendixSSO: Error while encrypting string: Cannot find any provider supporting AES/GCM/PKCS5PADDING

Environment

  • Studio Pro v9.24.3 and newer
  • Encryption module v10.0.2 and older
  • MendixSSO module v4.2.0 and older

Cause

The issue is associated with the Java version, as well as the MendixSSO and Encryption modules.

Older versions of the Encryption module use AES/GCM/PKCS5PADDING, this algorithm is no longer supported in Java 17+ and will give an exception.

Solution / Workaround

The customers migrating to Java 21 with an older version of the Encryption module must upgrade both their module and their encrypted values in the database.

The newer version of the Encryption module uses AES/GCM/NoPadding, which is supported in Java 11, 17, and 21.

Hence, as a solution, it recommended upgrading both MendixSSO and the Encryption modules.

Internal information related

  • 242444, 263295
  • RUN-3928, RUN-4212

Additional information

Mendix documentation:

Have more questions? Submit a request

0 Comments

Article is closed for comments.

To provide feedback, please open a ticket here. Don't forget to include the article's URL along with the feedback you would like to provide.