At least one field decryption failed, check ENCRYPTION_KEY

betriebsrat · March 20, 2023, 10:05am

Problem:
I need a way to reset all encrypted field, or at least an info which field is affected.
The old ENCRYPTION_KEY got lost during a datamigration.

[root@katello tmp]# foreman-rake katello:delete_orphaned_content RAILS_ENV=production
At least one field decryption failed, check ENCRYPTION_KEY

I already searched the forum and found a thread where the solution was to reprovide all passwords. I already did that on all i found, but there seem some missing still.

Expected outcome:

Foreman: 3.5.2

Distribution and version:
Oracle Linux 8.7

ekohl · March 20, 2023, 12:08pm

I’m not sure how easy it is to recover, but there are some rake tasks that may help:

foreman-rake security:generate_encryption_key
foreman-rake db:decrypt_all
foreman-rake db:encrypt_all