Description
Edge Encryption Proxy Error "Failed to load encryption rules"
You start the Edge Encryption proxy and see an error similar to this in the logfile proxy_installation_location/logs/edgeencryption.log:
2017-01-27 10:39:58,744 ERROR Encryption rules for post were deleted from the ServiceNow instance. Contact support to restore the encryption rules.
2017-01-27 10:39:58,744 ERROR Failed to load encryption rules from the ServiceNow instance: Failed to load rules.
Cause
The Edge Encryption rules have failed validation with respect to syntax, signature, or deletion.
The proxy keeps a local copy of the Edge Encryption rules in the encryptionconfiguration.json file and in the /rules folder (London and earlier) or /cache folder (Madrid and later) on the proxy. The error occurs if there is a rules mismatch between the instance and the proxy.
If there is a validation problem, the trust is broken and the proxy only trusts its local copies until recovery.
Resolution
Remove the rules-related files from the proxy and obtain them from the instance. Repeat this for each proxy on the instance, one proxy at a time.
- If the proxy is already running shut it down.
- On the Edge Encryption proxy server machine, go to the directory proxy_installation_location/conf.
- Remove or rename the encryptionconfiguration.json file.
- Go to proxy_installation_location/rules. (or proxy_installation_location/cache in Madrid and newer)
- Remove all of the rule related files in this /rules or /cache directory.
- For example, the files in the /rules || /cache directory will usually be:
- encryptionGetRules.js
- encryptionPostRules.js
- getRulesSysIds
- postRulesSysIds
- Start the proxy again.
- The rules-related error should be gone, and a new encryptionconfiguration.json file and new files should be created in the /rules || /cache folder from the instance