Collabora not working with encryption

Hi guys,

it seems that the richdocuments apps can’t handle encrypted storage. Collabora is working so far. I get the surface and no connection error. But the following screen appears no matter what file i am opening:

The key error message is: Private Key missing for user: please try to log-out and log-in again

Best regards,

Similar problem: Collabora and encrypted files on server


Is there a missing configuration or is this a known missing feature in richdocuments?

If you don’t use external storage, I wouldn’t use the encryption app at all.
Unfortunately, I can’t help you out and you need to wait for someone who uses and knows more about the encryption app ;-(

Why shouldnt I use the encryption app? Several people are using my nextcloud storage and for most of them the fact that nobody can access the data without their poassword is very important. And for me too.

Encryption keys are stored only on the Nextcloud server, eliminating exposure of your data to third-party storage providers. The encryption app does not protect your data if your Nextcloud server is compromised, and it does not prevent Nextcloud administrators from reading user’s files. This would require client-side encryption, which this app does not provide. If your Nextcloud server is not connected to any external storage services then it is better to use other encryption tools, such as file-level or whole-disk encryption.
Note also that SSL terminates at or before Apache on the Nextcloud server, and all files will exist in an unencrypted state between the SSL connection termination and the Nextcloud code that encrypts and decrypts files. This is also potentially exploitable by anyone with administrator access to your server. Read How Nextcloud uses encryption to protect your data for more information.

Ok. This is convincing …

Could you tell me how to disable the ecryption module safely and decrypt all files?

If recovery keys are used, then probably with the occ-command:

If not, there is the general method here:
But then probably every user has to decrypt them manually by giving his login password (on personal page).

I haven’t used it in a very long time, so I can’t tell you if it is reliable. I would do a complete backup before that you can revert to the previous setting in case anything goes wrong.

I already tried this. Decrytpion with master key is not working …

So i looked a little bit inside the code of richdocuments. It seems in general that the file access is relativly easy … also with encryption. The OC\Files\View class handles this. If I am not totally wrong the encryption cant be the reason.

I have exactly the same problem, and I don’t have encryption enabled. I use Ubuntu 16.04.

Also it seems to be working perfectly fine on ubuntu 14.04, not sure what maybe the problem. Any help?

Lol. I am working on Ubuntu 14.04.
Are there any logs of richdocuments?

@SpiGAndromeda can you please try opening open office (odt) document? Funny thing is, it opens fine on my end, but any other documents have same problem as yours.

Not working. Same error.

@SpiGAndromeda check this:

there is a bug report also, I have 14.04 fully updated and mine worked, but, again, doesn’t work on 16.04

I checked this bug thing. The CONFIG_AUFS_XATTR=y Option is enabled.

Ich checked this issue with the Virtuale Machine from Collabora. I updated the owncloud instance inside to nextcloud and activated the entcryption and the editor worked perfect.

With this knowledge i tried to transfer the Collabora Online Development Edition App to my nextcloud. Unfortunatly without success. There are a lot of differences in the general file handling between this app and the richdocuments app.

Does have anybody an idea how to debug the richdocuments app? Because the appearing error isn’t showing in any log file … even with debug log.

Another point I should mention is the delay wich is discribed several times. This delay doesn’t appear in the VM.

so you’re saying the app in the CODE VM is not the same as the one on github? If it isn’t it is 90% sure simply older, so a change must then have broken encryption or something… I suggest you file a bug in the app repo on github, they can then verify if it should work or not.

16.04 and also the same error. When disabling the encryption app it works. Any update how to solve this with encryption enabled? (seems to much of a hassle to decrypt all files for all users)

is there any news according to this encryption problem? By the way is it cloud problem, or app problem, or docker/libreoffice-online problem? I have the same error messages (except for delay what was solved few days ago in new docker image) as described here:

+ in docker logs when encryption is on I see also:

wsd-00009-67 19:04:46.477398 [ prison_ws_0057 ] WOPI::GetFile downloaded 9302 bytes from [https://cloud.local/cloudcrypt/index.php/apps/richdocuments/wopi/files/87?access_token=XjNTYXDIhdCbFRMKF6mDm6F VeOMxxFP1] -> /opt/lool/child-roots/16798/user/docs/16798/New Document.odt: 503 Service Unavailable

Any news on that one? Sorry for bumping but it’s been a month without an official statement.

Does using encryption mean collabora will not be working ever?