Could not decrypt credentials
Published 09 March 2023
Encryption keys protecting stored credentials have been altered or lost, preventing the credentials from being decrypted.
Restoring encryption keys from a backup of the encryption keys file
When resolving encryption key issues we recommend adding any recovered keys to the encryption keys file rather than replacing the keys already there. See Managing the encryption keys file for details on how multiple keys are handled.
If you have a backup of the key that was used to protect the affected credentials you can add it to the encryption keys file and restart the base monitor service.
By default the encryption keys file will be in %ProgramData%\Red Gate\SQL Monitor\Secrets\keys.txt
. SQL Monitor will generate this file if not present so it may include a key that differs from your backed up key. We recommend adding the recovered key to this file rather than replacing the existing key.
If using a custom path as described in Managing the encryption keys file you will need to either modify that file or change the path to a file that includes the recovered key.
- When modifying this file we recommend adding the recovered key to this file rather than replacing any existing keys.
- When moving to a new file we recommend copying any keys from the old file into the new file.
When no backup is available
If no backup is present the credentials for the affected entities have been lost. The credentials of each affected entity must be re-entered from the monitored servers page.