I am looking to update my credentials encryption key. I understand I need to add the N8N_ENCRYPTION_KEY to my yaml file. export a decrypted version of credentials. Restart n8n and then import the credentials again.
Please note I do have my existing key.
I don’t seem to be able to get this to work and get a 502 Bad Gateway.
Hey @paul2000 hope all is good. Welcome back to the community.
If you are transferring decrypted credentials, you don’t need to transfer the old N8N_ENCRYPTION_KEY to your new instance. It’s only used when transferring encrypted credentials (because they are encrypted with the old key, so you need the old key for the new n8n instance to be able to decrypt them).
At which point do you see the 502? What do you see in the n8n container logs?
Export all the credentials in plain text format. You can use this to migrate from one installation to another that has a different secret key in the configuration file.
My steps were using portainer I added N8N_ENCRYPTION_KEY=”newkey” to the stack and then recreated. Then I restarted the n8n container. On restart of the container the 502 was displayed.
The log said something like: failed to start. Sorry did not keep a copy. At that point my son commented out the N8N_ENCRYPTION_KEY variable and we recreated and restated and got n8n working again, but failed to update the current N8N_ENCRYPTION_KEY.
If your config file is a part of the mounted volume (named or a bind), you can just change the key in that file to a new random string of your choice. Then import unencrypted credentials.
