问题
I'm running Ruby 2.5.1 and Rails 5.2.0. I ran rails s -e production, and it gives this error:
/home/roy/.rbenv/versions/2.5.1/lib/ruby/gems/2.5.0/gems/activesupport-5.2.0/lib/active_support/message_encryptor.rb:206:in `rescue in_decrypt': ActiveSupport::MessageEncryptor::InvalidMessage
(ActiveSupport::MessageEncryptor::InvalidMessage)
How do I do this properly?
EDIT: The same error appears whenever I try to edit the credentials file using
EDITOR="nano --wait" bin/rails credentials:edit
Also I realized that I didn't create a production database yet so I tried that using
RAILS_ENV=production bundle exec rails db:reset
(I know db:reset is a bit redundant but it should work trying to create, migrate and seed a server)
Sadly I get the same kind of error (InvalidMessage error)
Unsupported rails environment for compass
rake aborted!
ActiveSupport::MessageEncryptor::InvalidMessage: ActiveSupport::MessageEncryptor::InvalidMessage
/home/roy/apps/myappname/config/environment.rb:5:in `<main>'
/home/roy/.rbenv/versions/2.5.1/bin/bundle:23:in `load'
/home/roy/.rbenv/versions/2.5.1/bin/bundle:23:in `<main>'
Caused by:
OpenSSL::Cipher::CipherError:
/home/roy/apps/myappname/config/environment.rb:5:in `<main>'
/home/roy/.rbenv/versions/2.5.1/bin/bundle:23:in `load'
/home/roy/.rbenv/versions/2.5.1/bin/bundle:23:in `<main>'
Tasks: TOP => db:create => db:load_config => environment
回答1:
Okay I got it working finally.
I simply deleted my master.key and credentials.yml.enc files and then ran
bin/rails credentials:edit
Which created new files. After that everything worked fine.
I don't really understand why it works though. Can anyone give a good explanation for this?
回答2:
It appears your solution of removing the master.key and credentials.yml.enc indicates you are running Rails 5.2. This setup changed from a similar encrypted secrets.yml.enc file used in Rails 5.1.
The goal is to allow committing secret keys (AWS, Rails' secrect_key_base) to a project's code repository. These would typically be set with ENV variables. Now collaborators need only share the master.key that was generated to decrypt and modify or read the contents of credentials.yml.enc.
When you removed both the master.key and credentials.yml.enc files, rails generated a new pair, now you were able to decrypt credentials.yml.enc and this file was initialized with a new Rails secret_key_base value needed to avoid the ActiveSupport::MessageEncryptor::InvalidMessage. If you track down the source of that message, it's likely referencing the Rails credentials secret key base: Rails.application.credentials.secret_key_base.
These are nice write ups on the topic:
https://medium.com/cedarcode/rails-5-2-credentials-9b3324851336
https://www.engineyard.com/blog/rails-encrypted-credentials-on-rails-5.2
来源:https://stackoverflow.com/questions/50102639/running-a-rails-server-in-production-locally-invalidmessage-error