ESSO master secret has exceeded one year. It is recommended that this key be updated after a one year lifetime.

ISSUE DEFINITION:
You might have observed the message below in the Event Viewer, stating that your ESSO master secret has exceeded one year and recommending that the master secret key be updated after a one-year lifetime.


CAUSE:
It is a requirement of the Secure Development Lifecycle – “Limit Cryptographic Key Lifetimes” – to limit the age of passwords/secrets, which we implemented as a warning.
In upcoming BizTalk versions (2016 onwards) it will be strictly enforced (i.e., you will be forced to change the secret).

SOLUTION:
1. If you see this error/warning message in the Event Viewer, consider installing these two patches first.
https://support.microsoft.com/en-us/kb/3000847  - Bad data fix for corrupted key
https://support.microsoft.com/en-us/kb/3062831  - Memory leak caused by previous fix

2. If you still see this error, then consider changing your master secret key.
Take a backup of your existing key. Regenerate your Master Secret key.
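
The backup-then-regenerate sequence from step 2, as an added PowerShell example (not part of the original post). It assumes the default ENTSSO install path, the `ENTSSO` event source name, and a hypothetical backup folder `D:\SSOBackup`; run it on the master secret server as an SSO Administrator.

```powershell
# Added example; the install path and backup folder are assumptions, adjust for your environment.
$ssoDir    = Join-Path $env:CommonProgramFiles 'Enterprise Single Sign-On'  # default install location
$ssoConfig = Join-Path $ssoDir 'ssoconfig.exe'
$backupDir = 'D:\SSOBackup'                                                # hypothetical folder
$stamp     = Get-Date -Format 'yyyyMMdd-HHmmss'

if (-not (Test-Path $ssoConfig)) { throw "ssoconfig.exe not found at $ssoConfig" }
if (-not (Test-Path $backupDir)) { New-Item -ItemType Directory -Path $backupDir | Out-Null }

# 1. Confirm the warning is actually being logged (message text as shown in the event).
$hits = Get-WinEvent -FilterHashtable @{ LogName = 'Application'; ProviderName = 'ENTSSO' } -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'master secret has exceeded one year' }
if (-not $hits) { Write-Host 'No master secret age warning found; nothing to do.'; return }
Write-Host ("Most recent warning: {0}" -f ($hits | Select-Object -First 1).TimeCreated)

# 2. Back up the CURRENT secret first. ssoconfig prompts for a password and a reminder.
$oldBackup = Join-Path $backupDir "master-secret-old-$stamp.bak"
& $ssoConfig -backupsecret $oldBackup
if ($LASTEXITCODE -ne 0 -or -not (Test-Path $oldBackup)) {
    throw 'Backup of the existing secret failed; not regenerating.'
}

# 3. Generate the new secret; ssoconfig writes a backup of the NEW secret to this file.
$newBackup = Join-Path $backupDir "master-secret-new-$stamp.bak"
& $ssoConfig -generatesecret $newBackup
if ($LASTEXITCODE -ne 0) { throw 'Generating the new master secret failed; the old backup is still valid.' }

Write-Host "Old secret backup: $oldBackup"
Write-Host "New secret backup: $newBackup"
```

Move both backup files off the server afterwards and store their passwords separately from the files.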

Written By
Swarna Prabhu
Microsoft GTSC

Comments

  • Anonymous
    December 06, 2016
    For KB 3000847 it says "After you apply the hotfix in the "Resolution" section, the Enterprise Single Sign-On (ENTSSO) service experiences a memory leak. Therefore, we recommend that you install the later fix instead." which links to 3062831. So you should only need to install the one patch.