Where is documentation for 'updater.secret'?

I have been using the betas and now RCs of the upcoming NC25 release. After the first update to a beta I have been unable to use the web based updater.

Now when I try to use it I get a message like this:


At first I assumed this was just a bug in the beta and used the CLI to update. However, it has remained through each step, and I’ve done them all. Even with my current attempt to go from RC2 to RC3 I am facing the same issue.

I have tried to find documentation about this without success. I followed the instructions given and created my own hash and plaintext, putting the hash in the ‘updater.secret’ field which is being insterted into my config file, and putting the plaintext into the password field of the message. It rejects the password and if I check the config file it has a different value for updater.secret than I just entered. It appears that clicking update changes the config value so I don’t see how I’m supposed to know what to enter in this field to update successfully from the web interface. I have even tried deleting the updater.secret line entirely and it just shows up again.

I have confirmed with testing that clicking the ‘Open updater’ button immediately creates the ‘updater.secret’ line in the config file if it did not already exists, and puts a new random value in there if it does.

What is the proper procedure to follow when faced with this issue? More to the point? How can I restore the previous functionality where as an admin I can update the server without yet another password?

1 Like

It is a bug in 25. It hasn’t been fixed yet.