Skip to content

Encryption_key Bug - Error 500 - Cannot be set using env variables, or with cake CLI. #380

@MartinHeim

Description

@MartinHeim

I get a similar error to (#346) . Setting Security.encryption_key in MISP v2.5.32 causes the application to crash with EncryptedValue conversion errors (same as error.log from Bratox). This occurs with Kubernetes Secret, or cake Admin setSetting CLI. The configuration worked in v2.5.10. If I set the secret beforehand, in code, like was done by Bratox, it works. However, I want to avoid having it be hardcoded and so visible. When the encryption key is set via cake Admin setSetting on a running instance, the web interface immediately becomes inaccessible with a 500 error.

Steps to reproduce
Method 1: Via environment variable

Deploy MISP v2.5.32
Set ENCRYPTION_KEY environment variable to any string ≥ 32 characters
Set ADMIN_PASSWORD environment variable
Start the container
Observe EncryptedValue errors in logs during init_user phase
Web interface returns "Internal Server Error"

Method 2: Via CLI on running instance

Deploy MISP v2.5.32 without ENCRYPTION_KEY (works normally)
Log in and confirm the web interface works
Run: cake Admin setSetting "Security.encryption_key" "any-alphanumeric-string-at-least-32-chars"
Immediately try to access the web interface
Browser reports "Unable to connect"
Removing the key does not restore functionality; a pod restart is required.

Metadata

Metadata

Assignees

Labels

bugSomething isn't working

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions