tfactl - javax.crypto.BadPaddingException: Given final block not properly padded
My Grid version was 11.2.0.4:
./tfactl diagcollect -from "2019-06-15 17:00:00" -to "2019-06-15 18:00:00"
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA12275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at oracle.rat.tfa.util.EncryptionUtil.decrypt(EncryptionUtil.java:96)
at oracle.rat.tfa.CommandLine.processCommand(CommandLine.java:261)
at oracle.rat.tfa.CommandLine.main(CommandLine.java:478)
Not enough space in Repository or TFA_BASE to run collections
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA12275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at oracle.rat.tfa.util.EncryptionUtil.decrypt(EncryptionUtil.java:96)
at oracle.rat.tfa.CommandLine.processCommand(CommandLine.java:261)
at oracle.rat.tfa.CommandLine
Solution:
I reinstalled the TFA as per note (Doc ID 1513912.1)
root@hostname:/export/home/oracle/tfa# ./installTFA-SOLARIS-SPARC64
TFA Installation Log will be written to File : /tmp/tfa_install_69909_2019_06_19-11_32_53.log
Starting TFA installation
TFA Version: 192100 Build Date: 201904251105
TFA HOME : /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home
Installed Build Version: 121284 Build Date: 201702032305
TFA is already installed. Upgrading TFA
TFA Upgrade Log : /u01/app/11.2.0.4/grid/tfa/hostname/tfapatch.log
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA12275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at oracle.rat.tfa.util.EncryptionUtil.decrypt(EncryptionUtil.java:96)
at oracle.rat.tfa.CommandLine.processCommand(CommandLine.java:261)
at oracle.rat.tfa.CommandLine.main(CommandLine.java:478)
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA12275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at oracle.rat.tfa.util.EncryptionUtil.decrypt(EncryptionUtil.java:96)
at oracle.rat.tfa.CommandLine.processCommand(CommandLine.java:261)
at oracle.rat.tfa.CommandLine.main(CommandLine.java:478)
Unable to determine the status of TFA in other nodes.
TFA will be upgraded on Node hostname:
Do you want to continue with TFA Upgrade ? [Y|N] [Y]: Y
Warning:
The certificate uses the MD5withRSA signature algorithm which is considered a security risk.
Stopping TFA Support Tools...
Shutting down TFA for Patching...
Shutting down TFA
ld.so.1: java: fatal: libjli.so: open failed: No such file or directory
TFA-00201 Diagnostic directory not found.
. . . . .
Killing TFA running with pid 5524
. . .
Successfully shutdown TFA..
Moving existing TFA Certificates due to MD5withRSA Signature...
Upgrading TFA on hostname :
Copying je-6.4.25.jar to /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/jlib/
Copying TFA Certificates...
Enabling TFA AutoDiagcollect...
Successfully updated firediagcollectRT to true in TFA...
Starting TFA in hostname...
Starting TFA..
Waiting up to 100 seconds for TFA to be started..
. . . . .
. . . . .
. . . . .
Successfully started TFA Process..
. . . . .
TFA Started and listening for commands
Removing /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/jlib/je-5.0.84.jar
Enabling Access for Non-root Users on hostname...
.-----------------------------------------------------------------------.
| Host | TFA Version | TFA Build ID | Upgrade Status |
+-----------------+-------------+----------------------+----------------+
| hostname | 19.2.1.0.0 | 19210020190425110550 | UPGRADED |
'-----------------+-------------+----------------------+----------------'
Error 2:
root@hostname:/u01/app/11.2.0.4/grid/tfa/bin# ./tfactl diagcollect -from "2019-06-15 17:00:00" -to "2019-06-15 18:00:00"
TFA-00103 TFA is not yet secured to run all commands
TFA has not synchronised across all nodes yet.
If an install or upgrade is in progress and the operation has not completed on all
nodes then please wait for completion and allow TFA 10 minutes to synchronize.
If no install or upgrade is in progress or you need TFA to synchronize now
Please run 'tfactl syncnodes' to generate and copy TFA Certificates.
root@hostname:/u01/app/11.2.0.4/grid/tfa/bin#
root@hostname:/u01/app/11.2.0.4/grid/tfa/bin# ./tfactl status
.-------------------------------------------------------------------------------------------------------.
| Host | Status of TFA | PID | Port | Version | Build ID | Inventory Status |
+-----------------+---------------+-------+------+------------+----------------------+------------------+
| hostname | RUNNING | 71996 | 5000 | 19.2.1.0.0 | 19210020190425110550 | RUNNING |
'-----------------+---------------+-------+------+------------+----------------------+------------------'
root@hostname:/u01/app/11.2.0.4/grid/tfa/bin# ./tfactl diagcollect -from "2019-06-15 17:00:00" -to "2019-06-15 18:00:00"
TFA-00103 TFA is not yet secured to run all commands
TFA has not synchronised across all nodes yet.
If an install or upgrade is in progress and the operation has not completed on all
nodes then please wait for completion and allow TFA 10 minutes to synchronize.
If no install or upgrade is in progress or you need TFA to synchronize now
Please run 'tfactl syncnodes' to generate and copy TFA Certificates.
Solution:
(i) root@hostname:/u01/app/11.2.0.4/grid/tfa/bin# ./tfactl syncnodes
TFA has not yet generated any certificates on this Node.
Do you want to generate new certificates to synchronize across the nodes? [Y|N] [Y]: Y
Generating new TFA Certificates...
Restarting TFA on hostname...
Shutting down TFA
Nothing to do !
TFA-00518 Oracle Trace File Analyzer (TFA) is not running (stopped)
TFAmain Force Stopped Successfully
TFA Stopped Successfully
. . . . .
. . .
Successfully shutdown TFA..
TFA-00002 Oracle Trace File Analyzer (TFA) is not running
Starting TFA..
Waiting up to 100 seconds for TFA to be started..
. . . . .
. . . . .
. . . . .
Successfully started TFA Process..
Login using root is disabled in sshd config. Please enable it orPlease copy these files manually to remote node(2nd node) and restart TFA
1. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/server.jks
2. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/client.jks
3. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/internal/ssl.properties
These files must be owned by root and should have 600 permissions.
(ii) if ssh is not password less between all RAC nodes as root user , then you will have get following message in above command:
Login using root is disabled in sshd config. Please enable it orPlease copy these files manually to remote node(2nd node) and restart TFA
1. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/server.jks
2. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/client.jks
3. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/internal/ssl.properties
These files must be owned by root and should have 600 permissions.
(iii) Now run you tfa
./tfactl diagcollect -from "2019-06-15 17:00:00" -to "2019-06-15 18:00:00"
Collecting data for all nodes
Scanning files from jun/15/2019 17:00:00 to jun/15/2019 18:00:00
Collection Id : 20190619120425osiscph2dbadm03
Detailed Logging at : /u01/app/oracle/tfa/repository/collection_Wed_Jun_19_12_04_26_GMT_2019_node_all/diagcollect_20190619120425_osiscph2dbadm03.log
2019/06/19 12:05:57 IST : NOTE : Any file or directory name containing the string .com will be renamed to replace .com with dotcom
2019/06/19 12:05:57 IST : Collection Name : tfa_Wed_Jun_19_12_04_26_GMT_2019.zip
2019/06/19 12:05:57 IST : Collecting diagnostics from hosts : [hostname] 2019/06/19 12:05:58 IST : Scanning of files for Collection in progress...
2019/06/19 12:05:58 IST : Collecting additional diagnostic information...
^[[6~2019/06/19 12:09:14 IST : Completed collection of additional diagnostic information...
./tfactl diagcollect -from "2019-06-15 17:00:00" -to "2019-06-15 18:00:00"
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA12275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at oracle.rat.tfa.util.EncryptionUtil.decrypt(EncryptionUtil.java:96)
at oracle.rat.tfa.CommandLine.processCommand(CommandLine.java:261)
at oracle.rat.tfa.CommandLine.main(CommandLine.java:478)
Not enough space in Repository or TFA_BASE to run collections
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA12275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at oracle.rat.tfa.util.EncryptionUtil.decrypt(EncryptionUtil.java:96)
at oracle.rat.tfa.CommandLine.processCommand(CommandLine.java:261)
at oracle.rat.tfa.CommandLine
Solution:
I reinstalled the TFA as per note (Doc ID 1513912.1)
root@hostname:/export/home/oracle/tfa# ./installTFA-SOLARIS-SPARC64
TFA Installation Log will be written to File : /tmp/tfa_install_69909_2019_06_19-11_32_53.log
Starting TFA installation
TFA Version: 192100 Build Date: 201904251105
TFA HOME : /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home
Installed Build Version: 121284 Build Date: 201702032305
TFA is already installed. Upgrading TFA
TFA Upgrade Log : /u01/app/11.2.0.4/grid/tfa/hostname/tfapatch.log
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA12275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at oracle.rat.tfa.util.EncryptionUtil.decrypt(EncryptionUtil.java:96)
at oracle.rat.tfa.CommandLine.processCommand(CommandLine.java:261)
at oracle.rat.tfa.CommandLine.main(CommandLine.java:478)
javax.crypto.BadPaddingException: Given final block not properly padded
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.SunJCE_h.b(DashoA12275)
at com.sun.crypto.provider.AESCipher.engineDoFinal(DashoA12275)
at javax.crypto.Cipher.doFinal(DashoA12275)
at oracle.rat.tfa.util.EncryptionUtil.decrypt(EncryptionUtil.java:96)
at oracle.rat.tfa.CommandLine.processCommand(CommandLine.java:261)
at oracle.rat.tfa.CommandLine.main(CommandLine.java:478)
Unable to determine the status of TFA in other nodes.
TFA will be upgraded on Node hostname:
Do you want to continue with TFA Upgrade ? [Y|N] [Y]: Y
Warning:
The certificate uses the MD5withRSA signature algorithm which is considered a security risk.
Stopping TFA Support Tools...
Shutting down TFA for Patching...
Shutting down TFA
ld.so.1: java: fatal: libjli.so: open failed: No such file or directory
TFA-00201 Diagnostic directory not found.
. . . . .
Killing TFA running with pid 5524
. . .
Successfully shutdown TFA..
Moving existing TFA Certificates due to MD5withRSA Signature...
Upgrading TFA on hostname :
Copying je-6.4.25.jar to /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/jlib/
Copying TFA Certificates...
Enabling TFA AutoDiagcollect...
Successfully updated firediagcollectRT to true in TFA...
Starting TFA in hostname...
Starting TFA..
Waiting up to 100 seconds for TFA to be started..
. . . . .
. . . . .
. . . . .
Successfully started TFA Process..
. . . . .
TFA Started and listening for commands
Removing /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/jlib/je-5.0.84.jar
Enabling Access for Non-root Users on hostname...
.-----------------------------------------------------------------------.
| Host | TFA Version | TFA Build ID | Upgrade Status |
+-----------------+-------------+----------------------+----------------+
| hostname | 19.2.1.0.0 | 19210020190425110550 | UPGRADED |
'-----------------+-------------+----------------------+----------------'
Error 2:
root@hostname:/u01/app/11.2.0.4/grid/tfa/bin# ./tfactl diagcollect -from "2019-06-15 17:00:00" -to "2019-06-15 18:00:00"
TFA-00103 TFA is not yet secured to run all commands
TFA has not synchronised across all nodes yet.
If an install or upgrade is in progress and the operation has not completed on all
nodes then please wait for completion and allow TFA 10 minutes to synchronize.
If no install or upgrade is in progress or you need TFA to synchronize now
Please run 'tfactl syncnodes' to generate and copy TFA Certificates.
root@hostname:/u01/app/11.2.0.4/grid/tfa/bin#
root@hostname:/u01/app/11.2.0.4/grid/tfa/bin# ./tfactl status
.-------------------------------------------------------------------------------------------------------.
| Host | Status of TFA | PID | Port | Version | Build ID | Inventory Status |
+-----------------+---------------+-------+------+------------+----------------------+------------------+
| hostname | RUNNING | 71996 | 5000 | 19.2.1.0.0 | 19210020190425110550 | RUNNING |
'-----------------+---------------+-------+------+------------+----------------------+------------------'
root@hostname:/u01/app/11.2.0.4/grid/tfa/bin# ./tfactl diagcollect -from "2019-06-15 17:00:00" -to "2019-06-15 18:00:00"
TFA-00103 TFA is not yet secured to run all commands
TFA has not synchronised across all nodes yet.
If an install or upgrade is in progress and the operation has not completed on all
nodes then please wait for completion and allow TFA 10 minutes to synchronize.
If no install or upgrade is in progress or you need TFA to synchronize now
Please run 'tfactl syncnodes' to generate and copy TFA Certificates.
Solution:
(i) root@hostname:/u01/app/11.2.0.4/grid/tfa/bin# ./tfactl syncnodes
TFA has not yet generated any certificates on this Node.
Do you want to generate new certificates to synchronize across the nodes? [Y|N] [Y]: Y
Generating new TFA Certificates...
Restarting TFA on hostname...
Shutting down TFA
Nothing to do !
TFA-00518 Oracle Trace File Analyzer (TFA) is not running (stopped)
TFAmain Force Stopped Successfully
TFA Stopped Successfully
. . . . .
. . .
Successfully shutdown TFA..
TFA-00002 Oracle Trace File Analyzer (TFA) is not running
Starting TFA..
Waiting up to 100 seconds for TFA to be started..
. . . . .
. . . . .
. . . . .
Successfully started TFA Process..
Login using root is disabled in sshd config. Please enable it orPlease copy these files manually to remote node(2nd node) and restart TFA
1. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/server.jks
2. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/client.jks
3. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/internal/ssl.properties
These files must be owned by root and should have 600 permissions.
(ii) if ssh is not password less between all RAC nodes as root user , then you will have get following message in above command:
Login using root is disabled in sshd config. Please enable it orPlease copy these files manually to remote node(2nd node) and restart TFA
1. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/server.jks
2. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/client.jks
3. /u01/app/11.2.0.4/grid/tfa/hostname/tfa_home/internal/ssl.properties
These files must be owned by root and should have 600 permissions.
(iii) Now run you tfa
./tfactl diagcollect -from "2019-06-15 17:00:00" -to "2019-06-15 18:00:00"
Collecting data for all nodes
Scanning files from jun/15/2019 17:00:00 to jun/15/2019 18:00:00
Collection Id : 20190619120425osiscph2dbadm03
Detailed Logging at : /u01/app/oracle/tfa/repository/collection_Wed_Jun_19_12_04_26_GMT_2019_node_all/diagcollect_20190619120425_osiscph2dbadm03.log
2019/06/19 12:05:57 IST : NOTE : Any file or directory name containing the string .com will be renamed to replace .com with dotcom
2019/06/19 12:05:57 IST : Collection Name : tfa_Wed_Jun_19_12_04_26_GMT_2019.zip
2019/06/19 12:05:57 IST : Collecting diagnostics from hosts : [hostname] 2019/06/19 12:05:58 IST : Scanning of files for Collection in progress...
2019/06/19 12:05:58 IST : Collecting additional diagnostic information...
^[[6~2019/06/19 12:09:14 IST : Completed collection of additional diagnostic information...
Comments