Sitecore EXM: Broken key

tl/dr: Check you config-keys! 😉


I found two errors in my sitecore logs. There were keywords inside like “Alias PII removed” and “key – cannot be null”.

MessageTaskRunner worker thread 6 10:45:51 ERROR Failed to create DispatchFailedTask for 'Alias PII removed'.
Exception: System.ArgumentNullException
Message: Value cannot be null.
Parameter name: key
Source: System.Core
at System.Security.Cryptography.AesManaged.CreateEncryptor(Byte[] key, Byte[] iv)
at Sitecore.Modules.EmailCampaign.Core.Crypto.AuthenticatedAesStringCipher.EncryptBytes(Byte[] messageBytes)
at Sitecore.Modules.EmailCampaign.Core.Crypto.AuthenticatedAesStringCipher.Encrypt(String message)
at Sitecore.Modules.EmailCampaign.Core.Pipelines.HandleMessageEventBase.EventDataService.EmailEventToDto(EmailEvent emailEvent)
at Sitecore.Modules.EmailCampaign.Core.Pipelines.HandleMessageEventBase.EventDataService.EventDataToDto(EventData eventData)
at Sitecore.EmailCampaign.Cm.Dispatch.DispatchTask.CreateDispatchFailedTask(ContactIdentifier contactIdentifier, String failureReason, Boolean updateUndeliveredCount)

And another similar one:

MessageTaskRunner worker thread 11 15:24:10 ERROR Message sending error: System.ArgumentNullException: Value cannot be null.
Parameter name: key
at System.Security.Cryptography.AesManaged.CreateEncryptor(Byte[] key, Byte[] iv)
at Sitecore.Modules.EmailCampaign.Core.Crypto.AuthenticatedAesStringCipher.EncryptBytes(Byte[] messageBytes)

[...]

I figured that the only related thing to “encryption” were two keys in my sitecore config called:

  • EXM.CryptographicKey
  • EXM.AuthenticationKey

(Also have a look here: https://doc.sitecore.com/xp/en/developers/exm/103/email-experience-manager/configure-exm-in-a-scaled-environment.html)

But they were filled (and on all systems equally – so I skipped this thought)

Solution:

After some reading I realized that it said “hexadecimal 64-character string” should be in there … so actually a key that is then used to encrypt data like lists and emails, but someone put in there a generated “secure password” with lots of various characters … so the simple solution was: “the keys were in the wrong format”.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

I accept that my given data and my IP address is sent to a server in the USA only for the purpose of spam prevention through the Akismet program.More information on Akismet and GDPR.

This site uses Akismet to reduce spam. Learn how your comment data is processed.