All of a sudden, I can no longer create encrypted data bags. I can still decrypt old ones, but when creating new encrypted data bags, I can’t decrypt them. I’m trying with a fresh encryption key, and with a new data bag.

knife data bag create test enc —secret —secret-file ~/.chef/encrypted_data_bag_key knife data bag show test enc # Shows the encrypted data bag knife data bag show test enc —secret-file ~/.chef/encrypted_data_bag_key # ERROR: OpenSSL::Cipher::CipherError: bad decrypt

Using the same key, I can decrypt data bags I encrypted some time ago. I can’t pin point exactly when this started, but I discovered it yesterday, and I’m pretty sure it used to work last time I tried, a couple of months ago.

I’m using hosted chef.