While logged in to the Edge proxy, after you have just created and saved a new Edge Encryption rule:

  • The following error is issued repeatedly in the edgeeencryption.log:

    ERROR "<Edge Encryption Rule Name>" is not defined

  • An attempt to log in via the Edge proxy returns you to the same login screen regardless of whether you are attempting a local or LDAP login or a login using SAML SSO. The login is not possible via the proxy.

  • Logins to the regular instance URL (not using the Edge proxy) work without issue.

  • If you are already logged in via the Edge proxy, you might see a Edge Encryption error screen referencing the same rule error ("The Encryption Proxy detected an error.") seen in the edgeeencryption.log when trying to navigate to different places in the UI, as shown in the following example:



The newly created Edge Encryption rule has a syntax error. For example, suppose a rule is created as follows:

  • Name: ExampleJson

  • Condition field:

    function ExampleJsonAction(request) { 
  • Action field:

    function ExampleJsonAction(request) { 

The problem is that the Condition field is incorrect. The function name is called function ExampleJsonAction(request).

However, instead of the Action designation, it should have the Condition designation as follows: function ExampleJsonCondition(request)


  • If you are already logged in via the proxy, set the new rule to Active = false, and correct any syntax errors before reactivating the rule. 

  • If you are unable to log in to the proxy, to deactivate the rule you will need assistance from ServiceNow Support to recover. Enter a new incident for Edge Encryption.

    The following steps need to be carried out by ServiceNow Support and the Edge Encryption administrator:

    1. ServiceNow Support: Go to the write ACL for sys_encryption_rule, check the Admin overrides checkbox, then save.

    2. ServiceNow Support: Go to the Edge Encryption Rule that has the syntax error, set Active = false, and save.

    3. ServiceNow Support: Go back to the write ACL for sys_encryption_rule, uncheck the Admin overrides checkbox, and save.

    4. Edge Encryption admin: The action taken in Step 1 will cause a signature error. To correct this error, follow the steps in KB0621218. In step 3 in these instructions, change the name of the rule to any value and save it in order to re-sign the rule.

    5. Edge Encryption admin: Stop the proxy again and follow the steps in KB0621286.

      After the proxy restart, the issue should be resolved. Be sure not to activate the incorrect rule again until the syntax error is corrected.

    Note: Starting in the Kingston release, the UI will prevent the entry of this kind of syntax error on the Rules page. If a save of this type of incorrect rule is attempted it will be blocked by the UI with the following example output:

    Condition name is not the expected value. The expected value is 
    'ExampleJsonCondition'. Please correct Condition Name and try again.
    Invalid insert

Article Information

Last Updated:2019-08-02 21:17:11