Running a rails server in production locally (InvalidMessage error)

Question

I\'m running Ruby 2.5.1 and Rails 5.2.0. I ran rails s -e production, and it gives this error:

/home/roy/.rbenv/versions/2.5.1/lib/ruby/gems/2.5         


        

Answer 1

Okay I got it working finally.

I simply deleted my master.key and credentials.yml.enc files and then ran

bin/rails credentials:edit

Which created new files. After that everything worked fine.

I don't really understand why it works though. Can anyone give a good explanation for this?

Answer 2

For Rails 6, I had a multi-environment credentials setup.

One for development, staging, and production.

The master.key works for the main credentials.yml file

The other environments have there own key, so for staging we used the production.key in place of the RAILS_MASTER_KEY config envs on heroku and that fixed it for me.

Answer 3

It appears your solution of removing the master.key and credentials.yml.enc indicates you are running Rails 5.2. This setup changed from a similar encrypted secrets.yml.enc file used in Rails 5.1.

The goal is to allow committing secret keys (AWS, Rails' secrect_key_base) to a project's code repository. These would typically be set with ENV variables. Now collaborators need only share the master.key that was generated to decrypt and modify or read the contents of credentials.yml.enc.

When you removed both the master.key and credentials.yml.enc files, rails generated a new pair, now you were able to decrypt credentials.yml.enc and this file was initialized with a new Rails secret_key_base value needed to avoid the ActiveSupport::MessageEncryptor::InvalidMessage. If you track down the source of that message, it's likely referencing the Rails credentials secret key base: Rails.application.credentials.secret_key_base.

These are nice write ups on the topic:
https://medium.com/cedarcode/rails-5-2-credentials-9b3324851336 https://www.engineyard.com/blog/rails-encrypted-credentials-on-rails-5.2

Answer 4

You need to ask for the master key to you project leader / team leader / coworkers.

With that long key like 63y4gh47373h3733jj474 you copy it and paste it the master.key file under config folder.

That solve the issue.

Answer 5

I had this similar issue when working with a Rails 5 application in production, royketelaar's answer and gib's answer

Just to add a few things:

After deleting the credentials.yml.enc and master.key files,

And running the command below to generate a new secret_key_base, credentials.yml.enc and master.key files (my editor is VS Code and not Nano):

EDITOR="code --wait" bin/rails credentials:edit

Ensure that uncomment the following configuration in your config/environments/production.rb file:

config.require_master_key = true

For your production environment, since the master.key file containing the master key which is used for decrypting the credentials.yml.enc is not recommended to be committed to version system control, save the master key in a RAILS_MASTER_KEY environment variable using the figaro gem.

That's all.

I hope this helps