E2EE - Not working on iOS :(

Hi! Just need a bit of help here, I have server side encryption activated, with the E2EE working brilliantly on my Windows and MacOS Clients. I have tried to get it to work on my iOS client.

But, it’s being a bit weird, it comes up with an error saying E2E decrypt privateKey - Serious internal error to decrypt Private Key. I have tried the 12 word thingy on both Windows and Mac and it worked fine with no issue. I have looked on here already and I’ve heard it’s something to do with the 12 word mnemonic thing but I am super confused haha

Can someone guide me on what to do with this?

Thanks!

But, it’s being a bit weird, it comes up with an error saying E2E decrypt privateKey - Serious internal error to decrypt Private Key.

This happens right after entering the same mnemonic used on your other devices, correct?

Can you also fill in some details about your environment - i.e. iOS app version and bits of the support template.

I have server side encryption activated, with the E2EE working brilliantly

Just to clarify: I assume you mean you have the E2EE app enabled. Server-side Encryption is distinct from E2EE. Or are you trying to use both simultaneously?

Hi,

Just to clarify: I assume you mean you have the E2EE app enabled. Server-side Encryption is distinct from E2EE. Or are you trying to use both simultaneously?

Apologies should have clarified, I have both server-side encryption and E2EE enabled, I thought for some reason you needed both. When I do the 12 word mnemonic on Windows/Mac, it works without an issue.

Screenshot 2025-02-26 at 18.14.26665×107 6.82 KB

This is the Tail -f from the Nextcloud.log, had to do a pastebin cos it’s a bit big: Ubuntu Pastebin

This is a tail -f from the access.log in Nginx, integrated to nextcloud as installation was done on docker compose.

iOS Tailscale IP - Myname [26/Feb/2025:17:32:40 +0000] "GET /ocs/v2.php/apps/end_to_end_encryption/api/v1/public-key HTTP/2.0" 200 1053 "-" "Mozilla/5.0 (iOS) Nextcloud-iOS/6.2.7"
iOS Tailscale IP - Myname [26/Feb/2025:17:32:43 +0000] "GET /ocs/v2.php/apps/end_to_end_encryption/api/v1/public-key HTTP/2.0" 200 1053 "-" "Mozilla/5.0 (iOS) Nextcloud-iOS/6.2.7"
iOS Tailscale IP - Myname [26/Feb/2025:17:32:43 +0000] "GET /ocs/v2.php/apps/end_to_end_encryption/api/v1/private-key HTTP/2.0" 200 2527 "-" "Mozilla/5.0 (iOS) Nextcloud-iOS/6.2.7"

• Nextcloud Hub 10 (31.0.0)
• iOS 18.3.1 and Nextcloud 6.2.7
• Tailscale VPN with HTTPS Enabled, and LE Certificate
• MariaDB version “11.7.2-MariaDB-ubu2404”
• NGinx version 1.26.2
• Ubuntu Server 24.04.2 LTS Noble

The Steps I needed to replicate this issue was to go on the iOS app and to place the 12 word mnemonic in the dialogue box. I had reinstall the iOS app and have reset the encryption key to try to solve the problem. I have checked the public keys and they match.

Apps:

root@d7b5659d53a7:/# occ app:list
Enabled:
   - activity: 4.0.0
   - app_api: 5.0.2
   - bruteforcesettings: 4.0.0
   - circles: 31.0.0-dev.0
   - cloud_federation_api: 1.14.0
   - comments: 1.21.0
   - contactsinteraction: 1.12.0
   - dashboard: 7.11.0
   - dav: 1.33.0
   - encryption: 2.19.0
   - end_to_end_encryption: 1.17.0
   - federatedfilesharing: 1.21.0
   - federation: 1.21.0
   - files: 2.3.1
   - files_downloadlimit: 4.0.0
   - files_external: 1.23.0
   - files_pdfviewer: 4.0.0
   - files_reminders: 1.4.0
   - files_sharing: 1.23.1
   - files_trashbin: 1.21.0
   - files_versions: 1.24.0
   - firstrunwizard: 4.0.0
   - logreader: 4.0.0
   - lookup_server_connector: 1.19.0
   - music: 2.1.2
   - nextcloud_announcements: 3.0.0
   - notifications: 4.0.0
   - oauth2: 1.19.1
   - password_policy: 3.0.0
   - photos: 4.0.0-dev.1
   - privacy: 3.0.0
   - profile: 1.0.0
   - provisioning_api: 1.21.0
   - recommendations: 4.0.0
   - related_resources: 2.0.0
   - serverinfo: 3.0.0
   - settings: 1.14.0
   - sharebymail: 1.21.0
   - support: 3.0.0
   - survey_client: 3.0.0
   - systemtags: 1.21.1
   - text: 5.0.0
   - theming: 2.6.1
   - twofactor_backupcodes: 1.20.0
   - updatenotification: 1.21.0
   - user_status: 1.11.0
   - viewer: 4.0.0
   - weather_status: 1.11.0
   - webhook_listeners: 1.2.0
   - whiteboard: 1.0.5
   - workflowengine: 2.13.0
 Disabled:
   - admin_audit: 1.21.0
   - documentserver_community: 0.1.20 (installed 0.1.20)
   - onlyoffice: 9.6.0 (installed 9.6.0)
   - richdocuments: 8.6.1 (installed 8.6.1)
   - suspicious_login: 9.0.1
   - twofactor_nextcloud_notification: 5.0.0
   - twofactor_totp: 13.0.0-dev.0
   - user_ldap: 1.22.0

Pastebin for my compose.yml if you’re interested: Ubuntu Pastebin

Let me know if you need more info. Thanks!

Did you ever resolve this? I am having the exact same issue as you are.

I am replying in my phone right now so I don’t have all my files in front of me, but your docker compose is worlds smaller and more minimal than mine, which is not a bad thing. Just saying I can’t imagine it’s something you added there.

Have you messed around much with the Nextcloud config file by chance? I can share mine tomorrow when in front of my computer.

I am also running Nextcloud in docker on Ubuntu server, mine is behind Cloudflare using their tunnel and not tailscale.

Same exact issue here. Encryption and sync works fine on macOS, but I can’t enable it on iOS client. Nothing in the log file on the server nor in the client itself

EDIT: Note that if I reset the encryption in the Web UI and initialize it on the iOS instead of desktop, everything works fine. I can then take the mnemonic and setup encryption in desktop app as well.

I am experiencing the very same issue as well on a pretty fresh Nextcloud AIO setup. I’ll try the workaround deleting the E2EE key and setting it up anew on my iOS device. But this is no solution sadly. Do we have any idea what might cause the issue? The log output seems interesting, but I’m not that into Nextcloud internals (yet?) to know where to look for the error.

Honestly guys I have no clue what’s going on with this lol, I tried messaging in Github as well but haven’t heard anything

Hello guys! Found the fix - don’t set up the passphrase on your MacOS/Windows, set it up first on your iPhone

IMG_DDB71F35E604-11284×2778 161 KB

I created the mnemonic passphrase through the iOS app but I’m having the same issue.

{"reqId":"aCyhOSLCBLBi0js6QxD8DgAAANE","level":2,"time":"2025-05-20T15:35:21+00:00","remoteAddr":"2a02:3100:8415:c200:1176:f08d:5277:bcf2","user":"redacted-user","app":"end_to_end_encryption","method":"GET","url":"/ocs/v2.php/apps/end_to_end_encryption/api/v1/private-key","message":"Could not find the private key of the user: redacted-user","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/6.6.2","version":"31.0.5.1","data":{"app":"end_to_end_encryption"}}
{"reqId":"aCyl0_qh0Q1d9n_Z1rHCxgAAAI0","level":3,"time":"2025-05-20T15:54:59+00:00","remoteAddr":"2a02:3100:8415:c200:2df0:bcad:e59:be0e","user":"redacted-user","app":"end_to_end_encryption","method":"DELETE","url":"/ocs/v2.php/apps/end_to_end_encryption/api/v1/encrypted-files","message":"No file for owner with ID 1103","userAgent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36","version":"31.0.5.1","exception":{"Exception":"OCP\\Files\\NotFoundException","Message":"No file for owner with ID 1103","Code":0,"Trace":[{"file":"/var/www/virtual/redacted-user/html/nextcloud/apps/end_to_end_encryption/lib/MetaDataStorage.php","line":147,"function":"verifyOwner","class":"OCA\\EndToEndEncryption\\MetaDataStorage","type":"->","args":["redacted-user",1103]},{"file":"/var/www/virtual/redacted-user/html/nextcloud/apps/end_to_end_encryption/lib/Controller/EncryptionController.php","line":97,"function":"deleteMetaData","class":"OCA\\EndToEndEncryption\\MetaDataStorage","type":"->","args":["redacted-user",1103]},{"file":"/var/www/virtual/redacted-user/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":200,"function":"removeEncryptedFolders","class":"OCA\\EndToEndEncryption\\Controller\\EncryptionController","type":"->","args":[]},{"file":"/var/www/virtual/redacted-user/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":114,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\EndToEndEncryption\\Controller\\EncryptionController"},"removeEncryptedFolders"]},{"file":"/var/www/virtual/redacted-user/html/nextcloud/lib/private/AppFramework/App.php","line":161,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\EndToEndEncryption\\Controller\\EncryptionController"},"removeEncryptedFolders"]},{"file":"/var/www/virtual/redacted-user/html/nextcloud/lib/private/Route/Router.php","line":307,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\EndToEndEncryption\\Controller\\EncryptionController","removeEncryptedFolders",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"apiVersion":"1","_route":"ocs.end_to_end_encryption.encryption.removeencryptedfolders"}]},{"file":"/var/www/virtual/redacted-user/html/nextcloud/ocs/v1.php","line":49,"function":"match","class":"OC\\Route\\Router","type":"->","args":["/ocsapp/apps/end_to_end_encryption/api/v1/encrypted-files"]},{"file":"/var/www/virtual/redacted-user/html/nextcloud/ocs/v2.php","line":7,"args":["/var/www/virtual/redacted-user/html/nextcloud/ocs/v1.php"],"function":"require_once"}],"File":"/var/www/virtual/redacted-user/html/nextcloud/apps/end_to_end_encryption/lib/MetaDataStorage.php","Line":287,"message":"No file for owner with ID 1103","exception":{},"CustomMessage":"No file for owner with ID 1103"}}
{"reqId":"aCymB_qh0Q1d9n_Z1rHDNwAAAIo","level":2,"time":"2025-05-20T15:55:51+00:00","remoteAddr":"2a02:3100:8415:c200:1176:f08d:5277:bcf2","user":"redacted-user","app":"end_to_end_encryption","method":"GET","url":"/ocs/v2.php/apps/end_to_end_encryption/api/v1/private-key","message":"Could not find the private key of the user: redacted-user","userAgent":"Mozilla/5.0 (iOS) Nextcloud-iOS/6.6.2","version":"31.0.5.1","data":{"app":"end_to_end_encryption"}}

This topic was automatically closed after 90 days. New replies are no longer allowed.