You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by "morningcloud (via GitHub)" <gi...@apache.org> on 2023/02/02 20:36:20 UTC

[GitHub] [airflow] morningcloud commented on issue #16313: cryptography.fernet.InvalidToken when attempting to access connections

morningcloud commented on issue #16313:
URL: https://github.com/apache/airflow/issues/16313#issuecomment-1414341541

   Thanks @jedcunningham and @danielmorales72! 
   
   I resolved this with a long and probably unnecessary workaround before seeing those messages! I'll write it here in case for some reason someone had no other choice but to do this. I managed to get the old fernet key from Kubernetes snapshot backup then did the following:
   
   1. exec into one of the running airflow webserver containers.
   2. run `export AIRFLOW__CORE__FERNET_KEY=**current_**fernet_key,**old_**fernet_key` note this will be the decoded keys not the base64 encoded values.
   3. Run `airflow rotate_fernet_key` to re-encrypt existing credentials with the new fernet key.
   4. Set `fernet_key` back to `current_fernet_key` by running `export AIRFLOW__CORE__FERNET_KEY=current_fernet_key` in the same container.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@airflow.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org