Nextcloud runs into internal errors after upgrade from v13 to v14

Nextcloud version: 14.0.0
Operating system and version: Debian 8
nginx version: 1.12.2
PHP version: 7.0.31-1~dotdeb+8.1

The issue you are facing:

Nextcloud became unavailable after the upgrade to version 14.0.0, stating that it isnt able to get a key from /lib/private/Authentication/Token/PublicKeyTokenProvider.php#297

Is this the first time you’ve seen this error?: Yes

The output of Nextcloud.log:

{"reqId":"KLn7vfNkAQm7yOkZZLHL","level":3,"time":"2018-09-10T12:22:27+00:00","remoteAddr":"***","user":"USERNAME","app":"PHP","method":"GET","url":"\/","message":"openssl_pkey_export(): cannot get key from parameter 1 at \/filecloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvider.php#297","userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko\/20100101 Firefox\/62.0","version":"14.0.0.19"}

{"reqId":"KLn7vfNkAQm7yOkZZLHL","level":3,"time":"2018-09-10T12:22:27+00:00","remoteAddr":"***","user":"USERNAME","app":"index","method":"GET","url":"\/","message":{"Exception":"TypeError","Message":"openssl_pkey_get_details() expects parameter 1 to be resource, boolean given","Code":0,"Trace":[{"file":"\/filecloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvider.php","line":300,"function":"openssl_pkey_get_details","args":[false]},{"file":"\/filecloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvider.php","line":270,"function":"newToken","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameter replaced ***","USERNAME","USERNAME","~vw=\"jX,9\"88nnYYxHVj","Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko\/20100101 Firefox\/62.0",0,0]},{"file":"\/filecloud\/lib\/private\/Authentication\/Token\/Manager.php","line":128,"function":"convertToken","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":[{"id":476,"__class__":"OC\\Authentication\\Token\\DefaultToken"},"*** sensitive parameter replaced ***","~vw=\"jX,9\"88nnYYxHVj"]},{"file":"\/filecloud\/lib\/private\/User\/Session.php","line":718,"function":"getToken","class":"OC\\Authentication\\Token\\Manager","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"\/filecloud\/lib\/private\/User\/Session.php","line":259,"function":"validateToken","class":"OC\\User\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"\/filecloud\/lib\/private\/User\/Session.php","line":234,"function":"validateSession","class":"OC\\User\\Session","type":"->","args":[]},{"file":"\/filecloud\/lib\/private\/User\/Session.php","line":271,"function":"getUser","class":"OC\\User\\Session","type":"->","args":[]},{"file":"\/filecloud\/lib\/base.php","line":973,"function":"isLoggedIn","class":"OC\\User\\Session","type":"->","args":[]},{"file":"\/filecloud\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\/filecloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvider.php","Line":300,"CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko\/20100101 Firefox\/62.0","version":"14.0.0.19"}

{"reqId":"KLn7vfNkAQm7yOkZZLHL","level":3,"time":"2018-09-10T12:22:27+00:00","remoteAddr":"***","user":"USERNAME","app":"no app in context","method":"GET","url":"\/","message":{"Exception":"Symfony\\Component\\Routing\\Exception\\RouteNotFoundException","Message":"Unable to generate a URL for the named route \"theming.Theming.getImage\" as such route does not exist.","Code":0,"Trace":[{"file":"\/filecloud\/lib\/private\/Route\/Router.php","line":337,"function":"generate","class":"Symfony\\Component\\Routing\\Generator\\UrlGenerator","type":"->","args":["theming.Theming.getImage",{"key":"logo","useSvg":true,"v":"19"},1]},{"file":"\/filecloud\/lib\/private\/Route\/CachingRouter.php","line":60,"function":"generate","class":"OC\\Route\\Router","type":"->","args":["theming.Theming.getImage",{"key":"logo","useSvg":true,"v":"19"},false]},{"file":"\/filecloud\/lib\/private\/URLGenerator.php","line":79,"function":"generate","class":"OC\\Route\\CachingRouter","type":"->","args":["theming.Theming.getImage",{"key":"logo","useSvg":true,"v":"19"}]},{"file":"\/filecloud\/apps\/theming\/lib\/ThemingDefaults.php","line":229,"function":"linkToRoute","class":"OC\\URLGenerator","type":"->","args":["theming.Theming.getImage",{"key":"logo","useSvg":true,"v":"19"}]},{"file":"\/filecloud\/lib\/public\/Defaults.php","line":187,"function":"getLogo","class":"OCA\\Theming\\ThemingDefaults","type":"->","args":[true]},{"file":"\/filecloud\/core\/templates\/layout.guest.php","line":34,"function":"getLogo","class":"OCP\\Defaults","type":"->","args":[]},{"file":"\/filecloud\/lib\/private\/Template\/Base.php","line":179,"args":["\/filecloud\/core\/templates\/layout.guest.php"],"function":"include"},{"file":"\/filecloud\/lib\/private\/Template\/Base.php","line":151,"function":"load","class":"OC\\Template\\Base","type":"->","args":["\/filecloud\/core\/templates\/layout.guest.php",null]},{"file":"\/filecloud\/lib\/private\/legacy\/template.php","line":207,"function":"fetchPage","class":"OC\\Template\\Base","type":"->","args":[null]},{"file":"\/filecloud\/lib\/private\/legacy\/template.php","line":238,"function":"fetchPage","class":"OC_Template","type":"->","args":[null]},{"file":"\/filecloud\/lib\/private\/Template\/Base.php","line":132,"function":"fetchPage","class":"OC_Template","type":"->","args":[]},{"file":"\/filecloud\/lib\/private\/legacy\/template.php","line":359,"function":"printPage","class":"OC\\Template\\Base","type":"->","args":[]},{"file":"\/filecloud\/index.php","line":83,"function":"printExceptionErrorPage","class":"OC_Template","type":"::","args":[{"__class__":"TypeError"},500]}],"File":"\/filecloud\/3rdparty\/symfony\/routing\/Generator\/UrlGenerator.php","Line":113,"CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko\/20100101 Firefox\/62.0","version":"14.0.0.19"}

The output of your config.php:

$CONFIG = array (
  'instanceid' => '***',
  'passwordsalt' => '***',
  'secret' => '***',
  'trusted_domains' =>
  array (
    0 => '***',
    1 => '***',
  ),
  'datadirectory' => '/srv/filecloud',
  'overwrite.cli.url' => '***',
  'dbtype' => 'mysql',
  'version' => '14.0.0.19',
  'dbname' => '***',
  'dbhost' => '***',
  'dbport' => '***',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => '***',
  'dbpassword' => '***',
  'installed' => true,
  'default_language' => 'en',
  'force_language' => 'en',
  'ldapIgnoreNamingRules' => false,
  'ldapProviderFactory' => '\\OCA\\User_LDAP\\LDAPProviderFactory',
  'mail_from_address' => 'filecloud',
  'mail_smtpmode' => 'smtp',
  'mail_smtpauthtype' => 'PLAIN',
  'mail_domain' => '***',
  'log_rotate_size' => 10485760,
  'loglevel' => 1,
  'memcache.local' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'redis' =>
  array (
    'host' => '***',
    'port' => '***',
    'password' => '***',
  ),
  'mail_smtpport' => '***',
  'mail_smtphost' => '***',
  'maintenance' => false,
  'lost_password_link' => 'disabled',
);

The output of nginx’s access.log (error.log didn’t catch anything):

REMOTEADDR - - [10/Sep/2018:12:31:44 +0000] "GET / HTTP/1.1" 500 4026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "https" "HOST"
REMOTEADDR - - [10/Sep/2018:12:31:45 +0000] "GET /apps/theming/image/logo?useSvg=1&v=19 HTTP/1.1" 500 4033 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "https" "HOST"

I am not sure if this is the same issue or not. I also cannot log into nextcloud after updating to v14.
Requests from Nextcloud iOS generates one line in the nextcloud.log file:
{“reqId”:“N8Jl8mnpylEGI1bXCMgU”,“level”:2,“time”:“2018-09-10T13:07:07+00:00”,“remoteAddr”:“80.12.41.179”,“user”:"–",“app”:“core”,“method”:“GET”,“url”:"/ocs/v2.php/cloud/user?format=json",“message”:“Login failed: ‘jsalort’ (Remote IP: ‘80.12.41.179’)”,“userAgent”:“Mozilla/5.0 (iOS) Nextcloud-iOS/2.22.2”,“version”:“14.0.0.19”}

Requests from Desktop browser does not generate any line in the log file.
I get redirected to
/index.php/login?redirect_url=/index.php/apps/files/
and am asked for password again.

$ sudo -u www-data php occ status

• installed: true
• version: 14.0.0.19
• versionstring: 14.0.0
• edition:

No helpful information in Apache log file either.
I am at a loss as to where to find useful debugging information.

i have exactly the same issues like you… any ideas what to do?

okay, google says there is an issue reading the openssl.cnf… any other clues? :-/

i created an issue report on github: https://github.com/nextcloud/server/issues/11227

My nginx runs in a chrooted environment, which was missing /etc/openssl.cnf. After placing a copy in the chroot, Nextcloud works again.

When using nginx with php-fpm7.1 on Debian Stretch, we encountered the same problem when using chrooted pools. This setup seems to look for the openssl.cnf in the folder: /usr/lib/ssl . Putting it there made it work, as mapet correctly posted.

Maybe some check should be made to check the outcome of the function openssl_pkey_new, or at least spawn the openssl error in the log file. The openssl error can be found using the function openssl_error_string. (It reported a non-existing file, which pointed us in the right direction.)
(File: nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php )

The pools worked on NC13, we haven’t tried the upgrade option, but we suspect it to break the installation unless this is corrected beforehand (putting the openssl.cnf in the correct location).