500: Internal Server Error. Wrong decryption key

[griff92]

When a user gets to the end of a survey they receive the following error message.

Wrong decryption key! Decryption key has changed since this data were last saved, so data can't be decrypted. Please consult our manual at https://manual.limesurvey.org/Data_encryption#Errors.

Re-entering the email password in global settings resolves the issue until the pod is replaced.

[griff92]

I've found the limesurvey.encrypt.nonce and secretBoxKey

and in the pod I can see the ENCRYPT_NONCE and ENCRYPT_SECRET_BOX_KEY environment vars are set to what I want.

The security.php file is set to something totally different, but i'm assuming the app is preferring the env vars instead of the file?

BTW, I get the issue at the end of a survey when someone completes it. I can renter the email smtp password to resolve the issue, but once the pod is replaced the error reoccurs. The ENCRYPT_NONCE and ENCRYPT_SECRET_BOX_KEY I have set are taken from when I saved the password and it was working last.

Appreciate any help.

Thanks

[griff92]

A clever colleague of mine helped me resolve this. He looked at the code and found that encrypt.keypair needs to be set for encrypt.nonce and encrypt.secretBoxKey to be applicable. By setting keypair to a random value (i.e 4f56432) then re-enter the email password one, it set the secrets.php file to the none and secretBoxKey values i'd specified. I can delete the pod happily now.