ERPM RADIUS Shared Secret Cannot Exceed 40 Characters

Follow

Date: August 25, 2016
Revision: 1.2

Problem
When configuring ERPM 5.4.0 or earlier to use RADIUS authentication, a shard secret is required. The shared secret field in the RADIUS configuration dialog appears to allow putting in shared secrets of up to 255 characters. However, when long passwords are used, and the dialog is re-opened, the shared secret is missing and a data decryption error is logged in the primary ERPM log.

Code:
Decryption of data 'SOME-REALLY-LONG-STRING-OF-RANDOM-CHARACTERS' failed (returning empty value); error 0x80090005 - Bad Data.

Cause
The problem occurs because ERPM 5.4.0 or earlier is not properly handling shared secrets longer than 40 characters for RADIUS clients.

Resolution
The resolution for ERPM version 5.4.0 or earlier is to configure shared secrets of 40 characters or less. If upgrading is a possibility, please upgrade to ERPM version 5.5.0 or later where long secrets may be used.

Applies To

  • Enterprise Random Password Manager (ERPM) v5.4.0 and earlier.
Was this article helpful?
0 out of 0 found this helpful

Comments

Powered by Zendesk