Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.
If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!
Proget Vulnerability Scan: "Padding is invalid and cannot be removed"
-
When running a vulnerability scan on the unapproved nuget feed I get the following error.
"Padding is invalid and cannot be removed."
There is no additional information that I can find. I did see a similar post in this forum here but no resolution was offered. Has anyone had this problem on Proget?
-
Hi @john-a-henson_0753 ,
Without seeing the stack trace it's hard to say, but that error typically is related to a decryption failure of some kind of secret. I'm guessing the API key?.
That most often happens when migrate to a different server, but don't bring over the same encryption key. If you can make sure the encryption key is same, then the error goes away.
Otherwise, you can just delete the vulnerability source and add it back.
Cheers,
Alana
-
That was the answer. Something about the API key was not working. I had to delete the source and recreate but that still didn't fix it. I then had to go into OSS side and regenerate the API key and add it back to the newly created source. Thanks again for pointing me in the right direction.
-
Hi @atripp
I am getting same error and yes I am moving buildmaster to another server. Where should i look for encryption key ?
In Server, when i click on any existing server it has "Type": "decryption failed".
Thanks.
-
I copied encryption key from c:\ProgramData\Inedo\Shared config, and no longer getting that error. But still all server status are "unknown".
-
@vishal_2561 please restart the BUildMaster service and wait for a few minutes for the servers to update; if there's still issues, please post details to a new topic :)