Unable to access configuration page: Padding is invalid and cannot be removed.

[mendoza2fast]

Navigating to Admin -> Configuration results in the following page being displayed:

Server Error in '/' Application.

Padding is invalid and cannot be removed.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Security.Cryptography.CryptographicException: Padding is invalid and cannot be removed.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[CryptographicException: Padding is invalid and cannot be removed.]
System.Security.Cryptography.RijndaelManagedTransform.DecryptData(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount, Byte[]& outputBuffer, Int32 outputOffset, PaddingMode paddingMode, Boolean fLast) +3999831
System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount) +296
System.Security.Cryptography.CryptoStream.FlushFinalBlock() +34
System.Security.Cryptography.CryptoStream.Dispose(Boolean disposing) +86
System.IO.Stream.Close() +21
FalconOrchestrator.DAL.Crypto.AES_Decrypt(Byte[] bytesToBeDecrypted, Byte[] passwordBytes) in C:\Orchestrator\falcon-orchestrator\FalconOrchestrator.DAL\Helpers.cs:212
FalconOrchestrator.DAL.Crypto.DecryptText(String input, String password) in C:\Orchestrator\falcon-orchestrator\FalconOrchestrator.DAL\Helpers.cs:180
FalconOrchestrator.DAL.AppConfiguration.get_EMAIL_PASSWORD() in C:\Orchestrator\falcon-orchestrator\FalconOrchestrator.DAL\AppConfiguration.cs:127
FalconOrchestratorWeb.Areas.Admin.Repository.ConfigurationRepository.MapExisitingValues() in C:\Orchestrator\falcon-orchestrator\FalconOrchestrator.Web\Areas\Admin\Repository\ConfigurationRepository.cs:39
lambda_method(Closure , ControllerBase , Object[] ) +66
System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters) +14
System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary2 parameters) +182 System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary2 parameters) +27
System.Web.Mvc.Async.<>c__DisplayClass42.b__41() +28
System.Web.Mvc.Async.<>c__DisplayClass81.<BeginSynchronous>b__7(IAsyncResult _) +10 System.Web.Mvc.Async.WrappedAsyncResult1.End() +50
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult) +49
System.Web.Mvc.Async.<>c__DisplayClass39.b__33() +58
System.Web.Mvc.Async.<>c__DisplayClass4f.b__49() +225
System.Web.Mvc.Async.<>c__DisplayClass37.b__36(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResult1.End() +50 System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult) +49 System.Web.Mvc.Async.<>c__DisplayClass2a.<BeginInvokeAction>b__20() +24 System.Web.Mvc.Async.<>c__DisplayClass25.<BeginInvokeAction>b__22(IAsyncResult asyncResult) +99 System.Web.Mvc.Async.WrappedAsyncResult1.End() +50
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult) +44
System.Web.Mvc.<>c__DisplayClass1d.b__18(IAsyncResult asyncResult) +14
System.Web.Mvc.Async.<>c__DisplayClass4.b__3(IAsyncResult ar) +16
System.Web.Mvc.Async.WrappedAsyncResult1.End() +50 System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) +38 System.Web.Mvc.Async.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) +16 System.Web.Mvc.Async.WrappedAsyncResult1.End() +50
System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) +28
System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult) +10
System.Web.Mvc.<>c__DisplayClass8.b__3(IAsyncResult asyncResult) +25
System.Web.Mvc.Async.<>c__DisplayClass4.b__3(IAsyncResult ar) +16
System.Web.Mvc.Async.WrappedAsyncResult`1.End() +50
System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +28
System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +9744373
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +155

[mr-burnse]

Did you happen to update from v1.0 to v1.1? This error is an indication that the CryptoKey (value provided upon installation) has been changed. Thus it cannot properly decrypt configuration info from the database.

[mendoza2fast]

No, original install was done using 1.1.

[mr-burnse]

This is the very first time you opened the Admin page for inputing configuration? In the file C:\Inetpub\Falcon Orchestrator\web.config under the appSettings section, do you see the CryptoKey configuration? If so, is it set to the value you input during the installation process?

[mendoza2fast]

Have accessed the page before. The CryptoKey section exists in the web.config, and the value is correct.

[mr-burnse]

That would imply somehow the CryptoKey has changed since when you first used the admin app to input credentials. Please try running the following SQL query directly against the database to delete the saved credentials. You will need to re-enter them into the UI afterwards:

delete from Configurations where "Key" in ('LDAP_PASSWORD',
'EMAIL_PASSWORD',
'FALCON_STREAM_KEY',
'FALCON_FORENSICS_PASSWORD',
'FALCON_FORENSICS_ENCRYPTION_PASSWORD',
'FALCON_QUERY_PASSWORD')

[mendoza2fast]

Fixed! Thank you.

[mr-burnse]

Glad to hear it! Closing this out.