Angular Error : Invalid Encryption type #388

New Issue

MrUnknownDE · 2026-04-05T21:06:25+02:00

MrUnknownDE commented

2026-04-05 21:06:25 +02:00

Originally created by @Deytron on 8/25/2025

Prerequisites

I have searched the existing Closed AND Open Issues AND Discussions
I have searched and read the documentation

Vaultwarden Support String

Your environment (Generated via diagnostics page)

Vaultwarden version: v1.34.1-6
Web-vault version: voidc_button-v2025.5.1-3
OS/Arch: linux/x86_64
Running within a container: true (Base: Alpine)
Database type: PostgreSQL
Database version: PostgreSQL 17.5 on x86_64-pc-linux-musl, compiled by gcc (Alpine 14.2.0) 14.2.0, 64-bit
Uses config.json: true
Uses a reverse proxy: true
IP Header check: true (X-Real-IP)
Internet access: true
Internet access via a proxy: false
DNS Check: true
TZ environment: Europe/Paris
Browser/Server Time Check: true
Server/NTP Time Check: true
Domain Configuration Check: true
HTTPS Check: true
Websocket Check: true
HTTP Response Checks: true

Config & Details (Generated via diagnostics page)

Show Config & Details

Environment settings which are overridden: DOMAIN, SENDS_ALLOWED, SIGNUPS_ALLOWED, SIGNUPS_VERIFY, ORG_CREATION_USERS, INVITATIONS_ALLOWED, EMERGENCY_ACCESS_ALLOWED, SHOW_PASSWORD_HINT, ORGANIZATION_INVITE_AUTO_ACCEPT, ADMIN_TOKEN, REQUIRE_DEVICE_EMAIL, SSO_ONLY, SSO_SIGNUPS_MATCH_EMAIL, SSO_AUTH_ONLY_NOT_SESSION, SMTP_HOST, SMTP_SECURITY, SMTP_FROM

Config:

{
  "_duo_akey": null,
  "_enable_duo": true,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "***:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_connect_src": "",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "**********://*****************************************************************************************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://******************",
  "domain_origin": "*****://******************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": false,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "GBNA Santé DSIH",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "***",
  "org_events_enabled": false,
  "org_groups_enabled": true,
  "organization_invite_auto_accept": true,
  "password_hints_allowed": true,
  "password_iterations": 600000,
  "purge_incomplete_sso_nonce": "0 20 0 * * *",
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": true,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "*************************",
  "smtp_from_name": "Vaultwarden",
  "smtp_host": "*********************",
  "smtp_password": null,
  "smtp_port": 25,
  "smtp_security": "off",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": null,
  "sso_allow_unknown_email_verification": false,
  "sso_audience_trusted": null,
  "sso_auth_only_not_session": true,
  "sso_authority": "https://auth.gbna-sante.fr/application/o/vaultwarden/",
  "sso_authorize_extra_params": "",
  "sso_callback_path": "https://pass.gbna-sante.fr/identity/connect/oidc-signin",
  "sso_client_cache_expiration": 0,
  "sso_client_id": "ZGQ3P2rH4Q9qBFZUdrSiBtKTOFMWOrBsStFNR0UC",
  "sso_client_secret": "***",
  "sso_debug_force_fail_auth_code": false,
  "sso_debug_tokens": false,
  "sso_enabled": true,
  "sso_master_password_policy": null,
  "sso_only": true,
  "sso_organizations_all_collections": true,
  "sso_organizations_enabled": true,
  "sso_organizations_groups_enabled": true,
  "sso_organizations_id_mapping": "",
  "sso_organizations_invite": false,
  "sso_organizations_revocation": false,
  "sso_organizations_token_path": "/vw-groups",
  "sso_pkce": true,
  "sso_roles_default_to_user": true,
  "sso_roles_enabled": true,
  "sso_roles_token_path": "/roles",
  "sso_scopes": "openid email profile offline_access",
  "sso_signups_match_email": true,
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "/web-vault_button",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Vaultwarden Build Version

v1.34.1-6

Deployment method

Other method

Custom deployment method

Kubernetes, using timshel\OIDCWarden

Reverse Proxy

traefik 3.4.4

Host/Server Operating System

Linux

Operating System Version

Kubernetes 1.33.3

Clients

Web Vault

Client Version

Firefox 142 - Vaultwarden Web 2025.5.1

Steps To Reproduce

Login to your account that's joined to an organization
Items will load indefinitely, orgs settings as well

Expected Result

Items in orgs are displayed on the page

Actual Result

Items load indefinitely

Logs

Unhandled error in angular Error: Invalid encryption type.
    rsaDecrypt encrypt.service.implementation.ts:501
    Rn main.91b1d4d6d52bc118910f.js:436
    L zone.js:2702
    Rn main.91b1d4d6d52bc118910f.js:436
    rsaDecrypt main.91b1d4d6d52bc118910f.js:436
    decapsulateKeyUnsigned encrypt.service.implementation.ts:405
    Rn main.91b1d4d6d52bc118910f.js:436
    L zone.js:2702
    Rn main.91b1d4d6d52bc118910f.js:436
    decapsulateKeyUnsigned main.91b1d4d6d52bc118910f.js:436
    decrypt encrypted-organization-key.ts:34
    22848/$/< main.91b1d4d6d52bc118910f.js:206

Screenshots or Videos

Additional Context

This happened after restoring a PostgreSQL backup. I tried creating new users, inviting them to the org etc... But it didn't seem to work. At this point I don't know if there's something wrong on the server side of things and the ciphers, or the users
If I had a way to simply export the org vault from somewhere, I would gladly do it
All 5000 entries are still present in the database

*Originally created by @Deytron on 8/25/2025* ### Prerequisites - [x] I have searched the existing **Closed _AND_ Open** [Issues](https://github.com/dani-garcia/vaultwarden/issues?q=is%3Aissue%20) **_AND_** [Discussions](https://github.com/dani-garcia/vaultwarden/discussions?discussions_q=) - [x] I have searched and read the [documentation](https://github.com/dani-garcia/vaultwarden/wiki/) ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.34.1-6 * Web-vault version: voidc_button-v2025.5.1-3 * OS/Arch: linux/x86_64 * Running within a container: true (Base: Alpine) * Database type: PostgreSQL * Database version: PostgreSQL 17.5 on x86_64-pc-linux-musl, compiled by gcc (Alpine 14.2.0) 14.2.0, 64-bit * Uses config.json: true * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * TZ environment: Europe/Paris * Browser/Server Time Check: true * Server/NTP Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Websocket Check: true * HTTP Response Checks: true ### Config & Details (Generated via diagnostics page) <details><summary>Show Config & Details</summary> **Environment settings which are overridden:** DOMAIN, SENDS_ALLOWED, SIGNUPS_ALLOWED, SIGNUPS_VERIFY, ORG_CREATION_USERS, INVITATIONS_ALLOWED, EMERGENCY_ACCESS_ALLOWED, SHOW_PASSWORD_HINT, ORGANIZATION_INVITE_AUTO_ACCEPT, ADMIN_TOKEN, REQUIRE_DEVICE_EMAIL, SSO_ONLY, SSO_SIGNUPS_MATCH_EMAIL, SSO_AUTH_ONLY_NOT_SESSION, SMTP_HOST, SMTP_SECURITY, SMTP_FROM **Config:** ```json { "_duo_akey": null, "_enable_duo": true, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "***:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_connect_src": "", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "**********://*****************************************************************************************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://******************", "domain_origin": "*****://******************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": false, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "", "extended_logging": true, "helo_name": null, "hibp_api_key": null, "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "GBNA Santé DSIH", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "***", "org_events_enabled": false, "org_groups_enabled": true, "organization_invite_auto_accept": true, "password_hints_allowed": true, "password_iterations": 600000, "purge_incomplete_sso_nonce": "0 20 0 * * *", "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": true, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "*************************", "smtp_from_name": "Vaultwarden", "smtp_host": "*********************", "smtp_password": null, "smtp_port": 25, "smtp_security": "off", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": null, "sso_allow_unknown_email_verification": false, "sso_audience_trusted": null, "sso_auth_only_not_session": true, "sso_authority": "https://auth.gbna-sante.fr/application/o/vaultwarden/", "sso_authorize_extra_params": "", "sso_callback_path": "https://pass.gbna-sante.fr/identity/connect/oidc-signin", "sso_client_cache_expiration": 0, "sso_client_id": "ZGQ3P2rH4Q9qBFZUdrSiBtKTOFMWOrBsStFNR0UC", "sso_client_secret": "***", "sso_debug_force_fail_auth_code": false, "sso_debug_tokens": false, "sso_enabled": true, "sso_master_password_policy": null, "sso_only": true, "sso_organizations_all_collections": true, "sso_organizations_enabled": true, "sso_organizations_groups_enabled": true, "sso_organizations_id_mapping": "", "sso_organizations_invite": false, "sso_organizations_revocation": false, "sso_organizations_token_path": "/vw-groups", "sso_pkce": true, "sso_roles_default_to_user": true, "sso_roles_enabled": true, "sso_roles_token_path": "/roles", "sso_scopes": "openid email profile offline_access", "sso_signups_match_email": true, "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "/web-vault_button", "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details> ### Vaultwarden Build Version v1.34.1-6 ### Deployment method Other method ### Custom deployment method Kubernetes, using timshel\OIDCWarden ### Reverse Proxy traefik 3.4.4 ### Host/Server Operating System Linux ### Operating System Version Kubernetes 1.33.3 ### Clients Web Vault ### Client Version Firefox 142 - Vaultwarden Web 2025.5.1 ### Steps To Reproduce 1. Login to your account that's joined to an organization 2. Items will load indefinitely, orgs settings as well ### Expected Result Items in orgs are displayed on the page ### Actual Result Items load indefinitely ### Logs ```text Unhandled error in angular Error: Invalid encryption type. rsaDecrypt encrypt.service.implementation.ts:501 Rn main.91b1d4d6d52bc118910f.js:436 L zone.js:2702 Rn main.91b1d4d6d52bc118910f.js:436 rsaDecrypt main.91b1d4d6d52bc118910f.js:436 decapsulateKeyUnsigned encrypt.service.implementation.ts:405 Rn main.91b1d4d6d52bc118910f.js:436 L zone.js:2702 Rn main.91b1d4d6d52bc118910f.js:436 decapsulateKeyUnsigned main.91b1d4d6d52bc118910f.js:436 decrypt encrypted-organization-key.ts:34 22848/$/< main.91b1d4d6d52bc118910f.js:206 ``` ### Screenshots or Videos <img width="2310" height="1294" alt="Image" src="https://github.com/user-attachments/assets/6546f106-61f3-4f27-82f0-aa0fe4267a0c" /> ### Additional Context This happened after restoring a PostgreSQL backup. I tried creating new users, inviting them to the org etc... But it didn't seem to work. At this point I don't know if there's something wrong on the server side of things and the ciphers, or the users If I had a way to simply export the org vault from somewhere, I would gladly do it All 5000 entries are still present in the database

MrUnknownDE closed this issue

2026-04-05 21:06:25 +02:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/vaultwarden#388