Could not decrypt KDM error:0407A079

[fabelton]

Dear Carl,

I'm getting the following error upon selecting the KDM:
Error: Could not decrypt KDM (error:0407A079:rsa routines:RSA_padding_check_PKCS1_OAEP:oaep decoding error.

I sent DCP-o-matic decrypt certificates to the lab (chain+interm+leaf+root).

Could you please help us investigate the problem?

Thank you.

Update: Version used: 2.10.5; the certificate was exported with a previous version.

[Carsten]

-double

[Carsten]

I suggest you first backup/export your existing decryption certificates and recreate them. Then send only the leaf certificate to the company issuing the (D)KDM. See wether that changes anything.

Technically, only the leaf certificate is necessary. If they absolutely want or need the full chain, wait until they request it.

As a test, you can create a simple encrypted test DCP, create a (D)KDM for your own DOM installation (by creating a screen from your own leaf certificate), and then try to decrypt it within DOM with your KDM. That's a simple test to find out that and how it works.

- Carsten

[fabelton]

Dear Carsten,

Thank you for the quick reply.
I made an encrypted DCP and a DKDM using Jobs->Make DKDM for DCP-o-matic. After opening the encrypted footage I added the leaf certificate and it decrypted the test footage as intended. I also made a KDM using Jobs->Make KDM dialogue and after adding the XML to the footage it works as well.

As per your suggestion I recreated the decryption certificates and will send only the leaf to the lab.
I'll keep you posted as I have any news.