"Could not find the private key of the user" in Admin Logs

[denppa]

Steps to reproduce

1. Install the end to end encryption app
2. Click "Set up encryption" on MacOs desktop client app, observe no prompt to enter mnemonic passphrase.
3. Check server logs, found the message: "Could not find the private key of the user"

Server side encryption and default encryption disabled.

Expected behaviour

It should be able to find the key of a user.

Actual behaviour

For some reason, the client app cannot get the user's private key.

Server configuration

Operating system: Kubernetes

Web server: Apache

Database: Postgres

PHP version: 8.8.23

Nextcloud version: 30

Updated from an older Nextcloud/ownCloud or fresh install: Fresh Install

Where did you install Nextcloud from: helm chart

Login as admin user into your Nextcloud and access
http://example.com/index.php/settings/integrity/failed
paste the results here.

Technical information
=====================
The following list covers which files have failed the integrity check. Please read
the previous linked documentation to learn more about the errors and how to fix
them.

Results
=======
- core
	- EXTRA_FILE
		- nextcloud-init-sync.lock

Raw output
==========
Array
(
    [core] => Array
        (
            [EXTRA_FILE] => Array
                (
                    [nextcloud-init-sync.lock] => Array
                        (
                            [expected] => 
                            [current] => cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
                        )

                )

        )

)

List of activated apps:

Defaulted container "nextcloud" out of: nextcloud, postgresql-isready (init)
Enabled:
  - activity: 3.0.0
  - bruteforcesettings: 3.0.0
  - calendar: 5.0.0
  - circles: 30.0.0-dev
  - cloud_federation_api: 1.13.0
  - comments: 1.20.1
  - contacts: 6.1.0
  - contactsinteraction: 1.11.0
  - dashboard: 7.10.0
  - dav: 1.31.1
  - end_to_end_encryption: 1.16.1
  - federatedfilesharing: 1.20.0
  - federation: 1.20.0
  - files: 2.2.0
  - files_downloadlimit: 3.0.0
  - files_pdfviewer: 3.0.0
  - files_reminders: 1.3.0
  - files_sharing: 1.22.0
  - files_trashbin: 1.20.1
  - files_versions: 1.23.0
  - firstrunwizard: 3.0.0
  - logreader: 3.0.0
  - lookup_server_connector: 1.18.0
  - nextcloud_announcements: 2.0.0
  - notifications: 3.0.0
  - oauth2: 1.18.1
  - password_policy: 2.0.0
  - photos: 3.0.2
  - privacy: 2.0.0
  - provisioning_api: 1.20.0
  - recommendations: 3.0.0
  - related_resources: 1.5.0
  - serverinfo: 2.0.0
  - settings: 1.13.0
  - sharebymail: 1.20.0
  - support: 2.0.0
  - survey_client: 2.0.0
  - systemtags: 1.20.0
  - tasks: 0.16.1
  - text: 4.1.0
  - theming: 2.5.0
  - twofactor_backupcodes: 1.19.0
  - updatenotification: 1.20.0
  - user_status: 1.10.0
  - viewer: 3.0.0
  - weather_status: 1.10.0
  - webhook_listeners: 1.1.0-dev
  - workflowengine: 2.12.0
Disabled:
  - admin_audit: 1.20.0
  - encryption: 2.18.0 (installed 2.18.0)
  - files_external: 1.22.0
  - onlyoffice: 9.4.0 (installed 9.4.0)
  - richdocuments: 8.5.1 (installed 8.5.1)
  - suspicious_login: 8.0.0
  - twofactor_nextcloud_notification: 4.0.0
  - twofactor_totp: 12.0.0-dev
  - user_ldap: 1.21.0
  - whiteboard: 1.0.3 (installed 1.0.3)

sudo -u www-data php occ config:list system
from within your Nextcloud installation folder

{
    "system": {
        "htaccess.RewriteBase": "\/",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "apps_paths": [
            {
                "path": "\/var\/www\/html\/apps",
                "url": "\/apps",
                "writable": false
            },
            {
                "path": "\/var\/www\/html\/custom_apps",
                "url": "\/custom_apps",
                "writable": true
            }
        ],
        "objectstore": {
            "class": "\\OC\\Files\\ObjectStore\\S3",
            "arguments": {
                "bucket": "nextcloud-data-redacted",
                "region": "eu-west-1",
                "hostname": "redacted",
                "port": "80",
                "storageClass": "STANDARD",
                "objectPrefix": "urn:oid:",
                "autocreate": false,
                "use_ssl": false,
                "use_path_style": true,
                "legacy_auth": false,
                "key": "***REMOVED SENSITIVE VALUE***",
                "secret": "***REMOVED SENSITIVE VALUE***"
            }
        },
        "upgrade.disable-web": true,
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "redacted",
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "pgsql",
        "version": "30.0.0.14",
        "overwrite.cli.url": "http:\/\/localhost",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "overwriteprotocol": "https",
        "maintenance": false
    }
}

Are you using external storage, if yes which one: not currently.

Are you using encryption: no, server side encryption is off.

Are you using an external user-backend, if yes which one: no, just postgres.

Client configuration

Browser: MacOs desktop client

Logs

Web server error log

[end_to_end_encryption] Warning: Could not find the private key of the user: user
	GET /ocs/v2.php/apps/end_to_end_encryption/api/v2/private-key?format=json
	from IP by user at Oct 10, 2024, 2:53:48 PM

[denppa]

Tested on another user, works without problem.

Is there an occ command I can run to clear the state of this currently errored user so it can begin the set up process anew?

[denppa]

Solved here: nextcloud/server#9083 (comment)

Must be an edge case where the key creation process failed.