Pentaho

 View Only

 AES Password Encoder doesn't search kettle.properties in KETTLE_HOME env

Tobias Kuhrke's profile image
Tobias Kuhrke posted 12-13-2023 12:52

Hi,

I tried to enable AES password security for PDI as describt here: AES security

Hitachi Vantara Lumada and Pentaho Documentation remove preview
AES security
To use 192-bit or 256-bit encryption strengths with Java 8, you must install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy files. If you only want to use 128-bit encryption or you are using Java 11, proceed to Create an AES key file. NoteCountry restrictions may apply when using higher encryption strengths.
View this on Hitachi Vantara Lumada and Pentaho Documentation >

We changed our KETTLE_HOME from %USER%/.kettle to d:\SOMEPATH\.kettle. For reading the defined properties and using them in Transformations or Jobs this work. But when I try using the AES PASSWORD ENCODE spoon.bat fails to start and in the spoon.log in a error:

Could not find kettle.properties
C:\Users\USER\.kettle\kettle.properties (Das System kann den angegebenen Pfad nicht finden)


    at org.pentaho.di.core.encryption.Encr.init(Encr.java:72)
    at org.pentaho.di.core.KettleClientEnvironment.init(KettleClientEnvironment.java:125)
    at org.pentaho.di.core.KettleClientEnvironment.init(KettleClientEnvironment.java:81)
    at org.pentaho.di.core.KettleEnvironment.init(KettleEnvironment.java:134)
    at org.pentaho.di.core.KettleEnvironment.init(KettleEnvironment.java:101)
    at org.pentaho.di.core.KettleEnvironment.init(KettleEnvironment.java:82)
    at org.pentaho.di.ui.spoon.Spoon$1.call(Spoon.java:654)
    at org.pentaho.di.ui.spoon.Spoon$1.call(Spoon.java:646)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:829)

Is there an workaround?

I tried to build PDI 9.4 from github to debug the problem. But unfortunately PDI doesn't compile anymore out of the Box, not the 9.4 nor 9.5 or 10.1. Will it be possible in future again?

Greetings,

Tobias

Stephen Donovan's profile image
Stephen Donovan posted 12-20-2023 17:40

Tobias,

AES Encryption is an EE feature.  If you have an EE license and are still having issues, please file a Support ticket and we will attempt to assist.   If you are using CE, you will likely dig deep enough to see a null pointer or class not found exception.

Related Content