Upgrading to Crowd 4.2 or later throws missing keysjavax.crypto.spec.SecretKeySpec_* error

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

Problem

When attempting to upgrade to Crowd 4.2 it fails and the following appears in the atlassian-crowd.log:

Cause: java.lang.RuntimeException: java.io.FileNotFoundException: /var/atlassian/application-data/crowd/shared/keys/javax.crypto.spec.SecretKeySpec_1620133793202 (No such file or directory)

Environment

Crowd 4.2 and above

Diagnosis

The error indicates that the SecretKeySpec file does not exist.

Cause

Starting from Crowd 4.2, all passwords for external systems stored in Crowd are encrypted by default.

⚠️ It is crucial to make sure you backup your encryption keys. Without them you won't be able to properly restore Crowd from backup.

Solution

The encryption keys are stored in the shared folder {crowdHome}/shared/keys. To backup the keys, copy the {crowdHome}/shared/keys directory to the secure place.

To correctly restore from backup with encrypted passwords, corresponding keys must be present in the {crowdHome}/shared/keys, otherwise, Crowd won't be able to decrypt passwords.

For more information, see Password encryption.

Updated on April 8, 2025
Platform
Data Center only
Product
Crowd Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community