Unable to parse configuration key 'Octopus.Storage.MasterKey' as a 'Byte[]'

(Ricky) #1

I had some hard drive issues on my computer which forced me to reinstall windows. I was able to backup the database, plus my KeeStore with my Master Key in it, plus the directory C:\Octopus. I don’t even remember what version of Octopus I was running, but I figured it was time for an upgrade anyways, so I downloaded Octopus.2019.6.8-x64.msi and installed it. During the setup wizard part, I received a fatal error. I believe it was when running the “Octopus.Server.exe configure …” step but I am not sure.

Here is some more detail on the error message from the OctopusServer.txt log file:
2019-08-31 09:10:15.5902 10232 7 FATAL Unable to parse configuration key ‘Octopus.Storage.MasterKey’ as a ‘Byte[]’.
Key not valid for use in specified state.
System.FormatException: Unable to parse configuration key ‘Octopus.Storage.MasterKey’ as a ‘Byte[]’. —> System.Security.Cryptography.CryptographicException: Key not valid for use in specified state.

at System.Security.Cryptography.ProtectedData.Unprotect(Byte[] encryptedData, Byte[] optionalEntropy, DataProtectionScope scope)
at Octopus.Shared.Configuration.WindowsMachineKeyEncryptor.Decrypt(String encrypted)
at Octopus.Shared.Configuration.FlatDictionaryKeyValueStore.Get[TData](String name, TData defaultValue, ProtectionLevel protectionLevel)
— End of inner exception stack trace —
at Octopus.Shared.Configuration.FlatDictionaryKeyValueStore.Get[TData](String name, TData defaultValue, ProtectionLevel protectionLevel)
at Octopus.Core.Initialization.BuiltIn.EnsureMasterKeyIsConfiguredInitializer.GenerateMasterKeyIfNotAlreadyConfigured(IMasterKeyConfiguration config, ILog log)
at Nevermore.StoreInitializer.Initialize()
at Octopus.Server.OctopusServerEngine.Start()
at Octopus.Server.Commands.RunCommand.Start()
at Octopus.Shared.Startup.AbstractCommand.Start(String[] commandLineArguments, ICommandRuntime commandRuntime, OptionSet commonOptions)
at Octopus.Shared.Startup.WindowsServiceHost.<>c__DisplayClass1_0.b__0()
at Octopus.Shared.Startup.WindowsServiceAdapter.RunService()
2019-08-31 09:10:15.6337 10232 7 FATAL Unhandled AppDomain exception occurred: Unable to parse configuration key ‘Octopus.Storage.MasterKey’ as a ‘Byte[]’.
System.FormatException
at Octopus.Shared.Configuration.FlatDictionaryKeyValueStore.Get[TData](String name, TData defaultValue, ProtectionLevel protectionLevel)
at Octopus.Core.Initialization.BuiltIn.EnsureMasterKeyIsConfiguredInitializer.GenerateMasterKeyIfNotAlreadyConfigured(IMasterKeyConfiguration config, ILog log)
at Nevermore.StoreInitializer.Initialize()
at Octopus.Server.OctopusServerEngine.Start()
at Octopus.Server.Commands.RunCommand.Start()
at Octopus.Shared.Startup.AbstractCommand.Start(String[] commandLineArguments, ICommandRuntime commandRuntime, OptionSet commonOptions)
at Octopus.Shared.Startup.WindowsServiceHost.<>c__DisplayClass1_0.b__0()
at Octopus.Shared.Startup.WindowsServiceAdapter.RunService()
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()

–Inner Exception–
Key not valid for use in specified state.

System.Security.Cryptography.CryptographicException
at System.Security.Cryptography.ProtectedData.Unprotect(Byte[] encryptedData, Byte[] optionalEntropy, DataProtectionScope scope)
at Octopus.Shared.Configuration.WindowsMachineKeyEncryptor.Decrypt(String encrypted)
at Octopus.Shared.Configuration.FlatDictionaryKeyValueStore.Get[TData](String name, TData defaultValue, ProtectionLevel protectionLevel)
System.FormatException: Unable to parse configuration key ‘Octopus.Storage.MasterKey’ as a ‘Byte[]’. —> System.Security.Cryptography.CryptographicException: Key not valid for use in specified state.

at System.Security.Cryptography.ProtectedData.Unprotect(Byte[] encryptedData, Byte[] optionalEntropy, DataProtectionScope scope)
at Octopus.Shared.Configuration.WindowsMachineKeyEncryptor.Decrypt(String encrypted)
at Octopus.Shared.Configuration.FlatDictionaryKeyValueStore.Get[TData](String name, TData defaultValue, ProtectionLevel protectionLevel)
— End of inner exception stack trace —
at Octopus.Shared.Configuration.FlatDictionaryKeyValueStore.Get[TData](String name, TData defaultValue, ProtectionLevel protectionLevel)
at Octopus.Core.Initialization.BuiltIn.EnsureMasterKeyIsConfiguredInitializer.GenerateMasterKeyIfNotAlreadyConfigured(IMasterKeyConfiguration config, ILog log)
at Nevermore.StoreInitializer.Initialize()
at Octopus.Server.OctopusServerEngine.Start()
at Octopus.Server.Commands.RunCommand.Start()
at Octopus.Shared.Startup.AbstractCommand.Start(String[] commandLineArguments, ICommandRuntime commandRuntime, OptionSet commonOptions)
at Octopus.Shared.Startup.WindowsServiceHost.<>c__DisplayClass1_0.b__0()
at Octopus.Shared.Startup.WindowsServiceAdapter.RunService()
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()

My hunch is that it is trying to read a file with master key data in it or maybe from the database but it doesn’t exist or something like that, but I don’t know how to prove that. I can’t seem to find anything with the same error to point me in the right direction to fix the problem. Can someone please help?

(Ricky) #2

I decided to continue beating on this to see if I could get anywhere. I tried removing the Octopus.Storage.MasterKey from the OctopusServer.config. I then ran the .\Octopus.Server.exe configure … again and it started upgrading the installation (which it wasn’t doing before) but it failed and told me that master key was wrong. So, I ran this:

.\Octopus.Server.exe show-master-key

…and I noticed that it was showing the wrong master key when compared to the one I had backed-up. I wasn’t sure how to set the master key using Octopus.Server.exe, but when I looked at the script that the set-up wizard was trying to run, I remembered seeing the master key in there on the line that looked like this.

.\Octopus.Server.exe database --instance “OctopusServer” --connectionString “Data Source=;Initial Catalog=Octopus;Integrated Security=True” --masterKey “” --grant “”

So I opened PowerShell as admin and ran that again and it seemed to work. Next, I got through the reset of the steps from the script with out errors and the OctopusDeploy windows service started with only one minor issue which was that I need to add the URL ACL reservation. Now I can log into Octopus and my projects are still there. :slight_smile:

I think the short of it is that the error message I was getting means that something was wrong with the master key. I don’t know what didn’t work the first time because I entered the master key then, but I just kept trying different things and eventually things worked out for me. I hope this post helps someone in the future. I am really surprised that I (sort-of) resolved my own issue, but it feels good to have a little luck every now and again. :wink:

Good Luck!

(Daniel Fischer) #4

Hi Ricky,

Thanks for such a detailed update here! Hopefully this information can help someone else in the future. :slight_smile:

Please don’t hesitate to get in touch at any time.

Best regards,