Identity Service PostInstall Secret & Secret PIT Issue

Identity Service PostInstall Secret & Secret PIT Issue


When you are registering a new URL in Security tab of Identity Service UI,
you get the following error.


<Cause>

*Postinstall secret key was replaced based on different Secret PIT.

*This error occurs when you run Identity Service PostInstall on existing database twice
*Postinstall should be executed on empty database just only once. Unique Secret PIT and PostInstall Secret key were generated.

V22.8 installer runs this Postinstall even though upgrading


<Security Perspective>

*We have to manually fix this Postinstall Secret key.
*This is because we should not allow anyone to change Secret Key. If Postinstall program automatically changes the exisiting database, it will be a security breach.


<Measurement>

*From next release (V22.9), If the installer finds existing Secret PIT, it doesn't run PostInstall.
<Manual Fix>
*Documents attached here.

    • Related Articles

    • API Program + Bat File For Importing User CSV file

      I created a makeshift short program to import users' CSV file into EasyAdmin by API program and Bat File. This program works under the environment of Identity Security Mode and OpenLM Server. <Important: You can't change the file name. These files ...