Follow

A call to SSPI failed ... The specified data could not be decrypted

Symptoms

  1. The Log Service runs but fails to write new logs to any channel (eg. Default SQL channel)
  2. The following error shows in the windows event viewer

An error occurred authenticating the connection from the client '[::ffff:171.189.172.60]:7309'. Error: System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The specified data could not be decrypted
--- End of inner exception stack trace ---
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at c.d()

Cause

This could be caused by a lack of permissions to the VOC and/or its private key:

How to Test

You can verify that this is due to a permissions issue by running the Log Service as an administrator:

  1. Shut down the Venafi Log Server service
  2. Open a command prompt as Administrator
  3. cd to the venafi platforms directory (eg. cd C:\Program Files\Venafi\Platform)
  4. run the command: LogServer -s -c

This will launch a new, empty command prompt window which represents the logserver service. Closing this window will stop the service. With the window open, look at the windows event viewer to see if the above error message continues. Also, the Log service should begin processing events and adding entries to the log channels (eg. Default SQL channel)

Was this article helpful?
1 out of 1 found this helpful

Comments