WebAuthn and Server-Side-Encryption


I’m having an issue with logging in using passwordless WebAuthn. Same user can login with their password credentials.

I’m using S3 as primary storage and have server side encryption turned on. When the user tries to login using their FIDO2 key, the login screen is not redirecting and the log shows the following error:

Exception: sha1(): Argument #1 ($string) must be of type string, null given in file '/var/www/html/lib/private/Authentication/Token/PublicKeyTokenProvider.php' line 116

As I understand SSE, the session will use the login password to create a decryption token and so password login is required. Does this mean that WebAuthn and Server-Side-Encryption are mutually exclusive?