OpenAMSettingsImpl.java attempts to decode the storepass. In AM 14, storepass is no longer encrypted with the instance password. This will cause OAUth2 RSA key signing to fail.
The biggest issue with this class is the getServerKeyPair method - which duplicates existing functionality in AMKeyProvider.
The method should be changed to use AMKeyProvider - as the logic can be centralized in one place. Even if we elect to change the storepass to be encrypted, it should be done in one place.