I’m having trouble restoring a back up on a new server.
I’ve gone through this process before (worst case disaster recover), whereby I create a fresh AWS EC2 instance, fresh frappe/erpnext install, update config files etc, then restore my encrypted backups. Sadly, I’m getting this error now when trying to restore the backup:
Encrypted backup file detected. Decrypting using site config.
Decryption failed. Please provide a valid key and try again.
- I have the encryption key, every time I do a manual backup I save a copy of the
site_config.json
. - My mariadb.cnf file is the same as the old server, pointing to the .enc .key files that I SCP’d to the new server.
- My site is named the same as the original
Any suggestions would be really appreciated!
Shaun.
# The MariaDB configuration file
#
# The MariaDB/MySQL tools read configuration files in the following order:
# 0. "/etc/mysql/my.cnf" symlinks to this file, reason why all the rest is read.
# 1. "/etc/mysql/mariadb.cnf" (this file) to set global defaults,
# 2. "/etc/mysql/conf.d/*.cnf" to set global options.
# 3. "/etc/mysql/mariadb.conf.d/*.cnf" to set MariaDB-only options.
# 4. "~/.my.cnf" to set user-specific options.
#
# If the same option is defined multiple times, the last one will apply.
#
# One can use all long options that the program supports.
# Run program with --help to get a list of available options and with
# --print-defaults to see which it would actually understand and use.
#
# If you are new to MariaDB, check out https://mariadb.com/kb/en/basic-mariadb-articles/
#
# This group is read both by the client and the server
# use it for options that affect everything
#
[client-server]
# Port or socket location where to connect
# port = 3306
socket = /run/mysqld/mysqld.sock
# Import all .cnf files from configuration directory
!includedir /etc/mysql/conf.d/
!includedir /etc/mysql/mariadb.conf.d/
[mysqld]
character-set-client-handshake = FALSE
character-set-server = utf8mb4
collation-server = utf8mb4_unicode_ci
[mysql]
default-character-set = utf8mb4
[mariadb]
# File Key Management
plugin_load_add = file_key_management
file_key_management_filename = /etc/mysql/encryption/keyfile.enc
file_key_management_filekey = FILE:/etc/mysql/encryption/keyfile.key
file_key_management_encryption_algorithm = AES_CTR
# InnoDB/XtraDB Encryption
innodb_encrypt_tables = FORCE
innodb_encrypt_tables = ON
innodb_encrypt_temporary_tables = ON
innodb_encrypt_log = ON
innodb_encryption_threads = 4
innodb_encryption_rotate_key_age = 0
{
"backup_encryption_key": "xxxxx",
"db_name": "xxxx",
"db_password": "xxxxx",
"db_type": "mariadb",
"developer_mode": 1,
"domains": [
"mydomain"
],
"enable_two_factor_auth": true,
"encryption_key": "xxxxx",
"maintenance_mode": 0,
"pause_scheduler": 0,
"ssl_certificate": "/etc/letsencrypt/live/mydomain/fullchain.pem",
"ssl_certificate_key": "/etc/letsencrypt/live/mydomain/privkey.pem"
}