Secure Store reencrypt credentials failed - Event 7510 (SharePoint Server 2010)

 

Applies to: SharePoint Server 2010

Alert Name:   Secure Store reencrypt credentials failed

Event ID:   7510

Summary:   The credentials stored in the secure store credential database are encrypted by using a master key. When the master key is changed, the system decrypts the data in the database by using the old master key and re-encrypts it by using the new master key.

If the old master key is not valid or is not available, the re-encryption process will fail. The credentials stored in the database will not be usable, and all client applications that rely on the Secure Store service application for authentication will fail.

Symptoms:   The following event appears in the event log: Event ID: 7510 Description: The Secure Store service application %name% errored out. The credentials encryption process failed. "n" credentials were not encrypted correctly.

Cause:   One or more of the following might be the cause:

  • The master encryption key is not valid.

  • The secure store database failed while it was being encrypted.

  • The secure store database is corrupted.

Resolution:   Create a new encryption key

  1. Verify that you have the following administrative credentials:

    • You must be a service application administrator for the Secure Store service.
  2. On the Central Administration Home page, under Application Management, click Mange service applications.

  3. Click the Secure Store service application.

  4. In the Key Management group, click Generate New Key.

  5. On the Generate New Key page, type a pass phrase string in the Pass Phrase box, and type the same string in the Confirm Pass Phrase box.

    Important

    A passphrase string must consist of at least eight characters and must include at least three of the following four elements:

    • Uppercase characters

    • Lowercase characters

    • Numerals

    • Any of the following special characters

      “! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~

    Tip

    The passphrase that you enter will not be stored. Make sure you write it down and store it in a safe place. At times you will need it to refresh the key, such as when you add a new application server to the server farm.

  6. Click OK.

Resolution:   Restore the secure store database