nic-6443 commented on issue #11565: URL: https://github.com/apache/apisix/issues/11565#issuecomment-4676893399
This is fixed on master and will be in the next release. There were two separate problems here: the logs printing the unencrypted secret value, which was removed in commit c8bab5d97 (#13298) — `aes_decrypt_pkey` no longer includes the key material in the error message — and the log noise itself, which was downgraded from warn to info with an actionable hint in f1018cc44 (#13324). The underlying cause is that 3.10.0 enabled `data_encryption.enable_encrypt_fields` by default (#11076), so APISIX tries to decrypt fields that were stored as plaintext before the upgrade. To migrate existing data, just re-save the affected resources (PUT them again via the Admin API) — values are encrypted on write, and the decrypt messages disappear once stored data is actually encrypted. Until you do that, the messages are harmless; the plugins keep working with the plaintext values. I'd suggest closing this one. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
