nextcloud
Authenticated ciphertext could not be decoded
Steps to reproduce
- Execute cronjob
- Show logs of nextcloud
Expected behavior
Doesn't show these log messages
Actual behavior
We have observed that when the cronjob is executed appears multiple logs with the message Authenticated ciphertext could not be decoded:
{"reqId":"Rbg7ordtQZbFl2vD9Exi","level":3,"time":"2024-05-22T18:22:30+02:00","remoteAddr":"","user":"--","app":"mail","method":"","url":"--","message":"Cron mail sync failed for account 385","userAgent":"--","version":"28.0.3.3","exception":{"Exception":"Exception","Message":"Authenticated ciphertext could not be decoded.","Code":0,"Trace":[{"file":"/var/www/html/nextcloud/lib/private/Security/Crypto.php","line":123,"function":"decryptWithoutSecret","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/apps/mail/lib/IMAP/IMAPClientFactory.php","line":89,"function":"decrypt","class":"OC\\Security\\Crypto","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/apps/mail/lib/IMAP/MailboxSync.php","line":103,"function":"getClient","class":"OCA\\Mail\\IMAP\\IMAPClientFactory","type":"->"},{"file":"/var/www/html/nextcloud/apps/mail/lib/BackgroundJob/SyncJob.php","line":109,"function":"sync","class":"OCA\\Mail\\IMAP\\MailboxSync","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/lib/public/BackgroundJob/Job.php","line":81,"function":"run","class":"OCA\\Mail\\BackgroundJob\\SyncJob","type":"->"},{"file":"/var/www/html/nextcloud/lib/public/BackgroundJob/TimedJob.php","line":102,"function":"start","class":"OCP\\BackgroundJob\\Job","type":"->"},{"file":"/var/www/html/nextcloud/lib/public/BackgroundJob/TimedJob.php","line":92,"function":"start","class":"OCP\\BackgroundJob\\TimedJob","type":"->"},{"file":"/var/www/html/nextcloud/cron.php","line":152,"function":"execute","class":"OCP\\BackgroundJob\\TimedJob","type":"->"}],"File":"/var/www/html/nextcloud/lib/private/Security/Crypto.php","Line":135,"message":"Cron mail sync failed for account {accountId}","exception":{},"CustomMessage":"Cron mail sync failed for account 385"}}
Mail app version
3.6.1
Mailserver or service
No response
Operating system
AlmaLinux release 8.9
PHP engine version
PHP 8.2
Web server
Apache (supported)
Database
PostgreSQL
Additional info
We see that the accounts that have the problem are ok. There are active and working normally. If we try to update the mail account it's seems working, but in case of sync or diagnose fails:
Sorry, I don't understand the question, Do you mean other nextcloud instances?
More than one server running Nextcloud. I'm asking because this error only occurs if the secret in config.php changed or there is more than one value. This can happen for wrongly set up clusters, or when a backup is restored badly.
Yes, we have many server runing Nextcloud behind HAproxy loadbalancer, all the nodes share (NFS) the same file config.php. The cronjob it's execute in only one node.
Yes, we have many server runing Nextcloud behind HAproxy loadbalancer, all the nodes share (NFS) the same file config.php.
Good :+1:
Can you check your backups for a change of the secret in config.php?
Ohh, we see that we have many email account configured without password, and precisely those accounts are what cause the problem. It's possible to delete those email accounts automatically?
Hi, we try to delete the accounts with cli, but we have the message:
How we can delete this accounts?
You have to deprovision them via the admin UI. It's the same place you have provisioned the accounts.
But with the deprovision option you deprovisioning all the accounts, not just those with an empty password?