From 99eeb663e29b09cd6d617b7f62f485cd9341ca13 Mon Sep 17 00:00:00 2001 From: Josh Date: Fri, 10 Oct 2025 13:29:26 -0400 Subject: [PATCH] reactor: consolidate encryption troubleshooting into enc. chapter Signed-off-by: Josh --- .../issues/general_troubleshooting.rst | 56 ++----------------- 1 file changed, 4 insertions(+), 52 deletions(-) diff --git a/admin_manual/issues/general_troubleshooting.rst b/admin_manual/issues/general_troubleshooting.rst index 3955067c6..1385abaa3 100644 --- a/admin_manual/issues/general_troubleshooting.rst +++ b/admin_manual/issues/general_troubleshooting.rst @@ -429,59 +429,11 @@ You can run the following SQL query to reset those after **backing up the databa UPDATE oc_filecache SET unencrypted_size=0 WHERE encrypted=0; -Troubleshooting downloading or decrypting files ------------------------------------------------ +Troubleshooting encrypted files +------------------------------- -Bad signature error -^^^^^^^^^^^^^^^^^^^ - -In some rare cases it can happen that encrypted files cannot be downloaded -and return a "500 Internal Server Error". If the Nextcloud log contains an error about -"Bad Signature", then the following command can be used to repair affected files:: - - occ encryption:fix-encrypted-version userId --path=/path/to/broken/file.txt - -Replace "userId" and the path accordingly. -The command will do a test decryption for all files and automatically repair the ones with a signature error. - -.. _troubleshooting_encryption_key_not_found: - -Encryption key cannot be found -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -If the logs contain an error stating that the encryption key cannot be found, you can manually search the data directory for a folder that has the same name as the file name. -For example if a file "example.md" cannot be decrypted, run:: - - find path/to/datadir -name example.md -type d - -Then check the results located in the ``files_encryption`` folder. -If the key folder is in the wrong location, you can move it to the correct folder and try again. - -The ``data/files_encryption`` folder contains encryption keys for group folders and system-wide external storages -while ``data/$userid/files_encryption`` contains the keys for specific user storage files. - -.. note:: - - This can happen if encryption was disabled at some point but the :ref:`occ command for decrypt-all` was not run, and - then someone moved the files to another location. Since encryption was disabled, the keys did not get moved. - -Encryption key cannot be found with external storage or group folders -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -To resolve this issue, please run the following command:: - - sudo -E -u www-data php occ encryption:fix-key-location - -This will attempt to recover keys that were not moved properly. - -If this doesn't resolve the problem, please refer to the section :ref:`Encryption key cannot be found` for a manual procedure. - -.. note:: - - There were two known issues where: - - - moving files between an encrypted and non-encrypted storage like external storage or group folder `would not move the keys with the files `_. - - putting files on system-wide external storage would store the keys in the `wrong location `_. +.. tip:: + Please also refer to the troubleshooting section in the encryption chapter: :doc:`../configuration_files/encryption_configuration`. Fair Use Policy ---------------