Try ERPNext Buy Support Partners Foundation

Encryption key is invalid, Please check site_config.json on restore

I restore the database of different site to my site, now if I send an email it gives me error that ‘Encryption key is invalid, Please check site_config.json’ . How to resolve it?

Hi @Khadija,

you also need to restore the encryption key from the original site, this is required to decrypt in this case the email account data to send mails.

On the original system, open your site_config.json, find the encryption key and paste this into the encryption key field of the new systems’ site_config.json. The site_config.json is found in a typical install under /home/frappe/frappe-bench/sites/site1.local/site_config.json

Hope this helps.

1 Like

Hey @lasalesi

what happens in the case where you lost the key from the original site. all i have access to is the backup files…How can this issue be fixed with the Previous encryption key

Regards

In case the encryption key is lost, there is little to no chance to gain access to the encrypted content (typically passwords). If it only affects sending mails, consider simply setting the mail account password again with the new key. And make sure to have a backup of the complete ./sites folder…

So???

ErpNext backup does NOT “… back up the complete sides folder…”? WTF?

Disk crash. Reinstall. Restore. Restart. Passwords? SSL Certs? Encryption_key?

Oh, those you need to backup yourself!
Didn’t we tell you?

Oooops! Sorry? Oh, dear.

Hi @MartinHBramwell,

read it like this: ERPNext backup will create a database dump and optionally compress your files. Consider this a preparation for your actual backup. You need to copy these files to an external storage of your choice, there are various options (sshmount, smb, nfs, …). When you copy, take the complete sites folder and you are all set. Additionally, I would recommend to also backup the VM image, just in case…

SSL certificates are based on let’s encrypt, just get a new cert after restore.

Hope this clarifies things.

Thank you @lasalesi for the tip!

Quickly SSHing to server to copy /sites folder offsite!

Please share details of your concerns and expectations - the more precise the better - this discourse may help inform you frappe.exceptions.ValidationError: Encryption key is invalid, Please check site_config.json

1 Like

The issue I have with this is that it’s so arbitrary. I mean why does the current procedure NOT include the site directory? The procedure archives: database, private files and public files. So, that covers everything, obviously! Not so much.

It’s also bizarre that the site_config.json file and the private folder have rw-r--r-- permissions. Private directory is readable by anyone! Seriously?

@MartinHBramwell
Hello, you can easily solve the issue of Encryption_key, just by resetting the Email id and password in the Email Notifications.

2 Likes

I understand your frustration. Just keep in mind, this is an open source software. What you make of it is up to you… You cannot rely on someone else to make sure your backup works. If you are looking for that, check out the solution provider list https://erpnext.org/service-providers

1 Like

I am well aware that this is Open Source. I’ve been working with OSS for decades and understand all the risks and pressures that derive from it’s use. I invested a huge amount of time in the OpenERP (before Odoo) forums supporting other users, contributing fixes, tutorials and more. Then they started closing it up and sowing land mines to make it harder and harder to avoid paying them for hosting and support … despite being a nearly full-time contributor.

ErpNext looks like what I wanted from Odoo. But I have only been evaluating it for a few weeks and kind of freak out when I see the sorts of defects we are talking about here. I am particularly dismayed by the defects in the installation and getting started process. I want ErpNext to succeed, so a rocky installation sequence sends a very bad signal.

Btw. Thank you for stepping in and responding to my concerns. I see that both you and @clarkej are concerned about managing perceptions, which is a good thing … unless it’s lipstick on a pig. I’m not saying you are doing that! But, I have lost time on other OSS (and commercial products for that matter) that manage perceptions while ignoring fundamentals. In my evaluation I’m trying to see whether I am again going to be throwing months of my life at a dead end.

Are you saying that the encryption key is for one single email password and nothing else?

Hi @MartinHBramwell,

thanks for your feedback and explanation. I understand your concern and I know that getting started, as you say, involves a heavy learning curve. From what I can say, it is worth it. But you have to judge this for yourself. Would be happy to see you as part of this community.

As for the encryption key, this is used to encrypt/decrpyt all password fields.

1 Like

You are not alone @James_Robertson advocated for attention to that here Files Handling Security Issue

Also on the security topic (that I know of) these may interest you -

Unfortunately this kind of stuff is a big reason why I moved away from ERPNext to another platform. The devs seem to be much more interested in cool new stuff and forget about core functionality and security. I can’t run a business off of a platform that is not secure and does not do the basics right. The issue I opened on this security issue 2 years ago is still open and looks to be in some kind of limbo. Sad really.

1 Like

Out of curiosity, what did you move to?

We went with ERP5. Supports local installs (and cloud if you want), written in Python which we are good at and the modularity of the system makes our lives easier. The interface is a little old-school, but if my users are fine I am too.