Error message when resetting master password and rotating encryption keys. #1069

New Issue

OVERLORD · 2026-02-04T23:47:39+03:00

OVERLORD commented

2026-02-04 23:47:39 +03:00

Originally created by @hrvylein on GitHub (Jul 3, 2021).

Subject of the issue

Error message when resetting master password and rotating encryption keys.

Deployment environment

Your environment (Generated via diagnostics page)

Vaultwarden version: v1.22.1
Web-vault version: v2.20.4b
Running within Docker: true
Environment settings overridden: true
Uses a reverse proxy: true
IP Header check: true (X-Real-IP)
Internet access: true
Internet access via a proxy: false
DNS Check: true
Time Check: true
Domain Configuration Check: true
HTTPS Check: true
Database type: SQLite
Database version: 3.35.4
Clients used:
Reverse proxy and version:
Other relevant information:

Config (Generated via diagnostics page)

Show Running Config

Environment settings which are overridden: ADMIN_TOKEN

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": false,
  "_ip_header_enabled": true,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_max_conns": 10,
  "database_url": "****/**.*******",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://******.*******.**",
  "domain_origin": "*****://******.*******.**",
  "domain_path": "",
  "domain_set": true,
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "email_attempts_limit": 3,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "enable_db_wal": true,
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "invitation_org_name": "Vaultwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "Info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "org_attachment_limit": null,
  "org_creation_users": "",
  "password_iterations": 100000,
  "reload_templates": false,
  "require_device_email": true,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": true,
  "signups_allowed": true,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_explicit_tls": false,
  "smtp_from": "****@***.**",
  "smtp_from_name": "Vaultwarden",
  "smtp_host": "*.***.*",
  "smtp_password": "***",
  "smtp_port": 587,
  "smtp_ssl": true,
  "smtp_timeout": 15,
  "smtp_username": "*@*.*",
  "templates_folder": "data/templates",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_syslog": false,
  "user_attachment_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "websocket_address": "0.0.0.0",
  "websocket_enabled": false,
  "websocket_port": 3012,
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Clients used: Web
Other relevant details:

Steps to reproduce

Change master password and check rotate keys

Expected behaviour

Success message or redirect

Actual behaviour

After some time there is an error message displayed:

<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>404 Not Found</title> </head> <body align="center"> <div role="main" align="center"> <h1>404: Not Found</h1> <p>The requested resource could not be found.</p> <hr /> </div> <div role="contentinfo" align="center"> <small>Rocket</small> </div> </body> </html>

and https://my.domain.tld/api/emergency-access/trusted is trying to be accessed which returns the 404 error.

Originally created by @hrvylein on GitHub (Jul 3, 2021). ### Subject of the issue Error message when resetting master password and rotating encryption keys. ### Deployment environment ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.22.1 * Web-vault version: v2.20.4b * Running within Docker: true * Environment settings overridden: true * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Database type: SQLite * Database version: 3.35.4 * Clients used: * Reverse proxy and version: * Other relevant information: ### Config (Generated via diagnostics page) <details><summary>Show Running Config</summary> **Environment settings which are overridden:** ADMIN_TOKEN ```json { "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": false, "_ip_header_enabled": true, "admin_token": "***", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "authenticator_disable_time_drift": false, "data_folder": "data", "database_max_conns": 10, "database_url": "****/**.*******", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://******.*******.**", "domain_origin": "*****://******.*******.**", "domain_path": "", "domain_set": true, "duo_host": null, "duo_ikey": null, "duo_skey": null, "email_attempts_limit": 3, "email_expiration_time": 600, "email_token_size": 6, "enable_db_wal": true, "extended_logging": true, "helo_name": null, "hibp_api_key": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "invitation_org_name": "Vaultwarden", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": null, "log_level": "Info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "org_attachment_limit": null, "org_creation_users": "", "password_iterations": 100000, "reload_templates": false, "require_device_email": true, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": true, "signups_allowed": true, "signups_domains_whitelist": "", "signups_verify": false, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_explicit_tls": false, "smtp_from": "****@***.**", "smtp_from_name": "Vaultwarden", "smtp_host": "*.***.*", "smtp_password": "***", "smtp_port": 587, "smtp_ssl": true, "smtp_timeout": 15, "smtp_username": "*@*.*", "templates_folder": "data/templates", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_syslog": false, "user_attachment_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "websocket_address": "0.0.0.0", "websocket_enabled": false, "websocket_port": 3012, "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details> * Clients used: Web * Other relevant details: ### Steps to reproduce Change master password and check rotate keys ### Expected behaviour Success message or redirect ### Actual behaviour After some time there is an error message displayed: `<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>404 Not Found</title> </head> <body align="center"> <div role="main" align="center"> <h1>404: Not Found</h1> <p>The requested resource could not be found.</p> <hr /> </div> <div role="contentinfo" align="center"> <small>Rocket</small> </div> </body> </html> ` and https://my.domain.tld/api/emergency-access/trusted is trying to be accessed which returns the 404 error.

OVERLORD added the good first issue bug labels 2026-02-04 23:47:39 +03:00

OVERLORD closed this issue

2026-02-04 23:47:40 +03:00

OVERLORD commented

2026-02-04 23:47:44 +03:00

@BlackDex commented on GitHub (Jul 3, 2021):

ah, that isn't something we support yet, but apparently we at least need the endpoint to resolve and return something.
Thanks for the report!.

@BlackDex commented on GitHub (Jul 3, 2021): ah, that isn't something we support yet, but apparently we at least need the endpoint to resolve and return something. Thanks for the report!.

OVERLORD commented

2026-02-04 23:47:50 +03:00

@BlackDex commented on GitHub (Jul 4, 2021):

I have checked it, and it does seem to actually change and rotate what is needed, but it does trigger the error message, and for me it didn't logged me out of my session, but all was changed.

I have a fix already for this, i just need to finish it with some other fixes for the latest web-vault version.

@BlackDex commented on GitHub (Jul 4, 2021): I have checked it, and it does seem to actually change and rotate what is needed, but it does trigger the error message, and for me it didn't logged me out of my session, but all was changed. I have a fix already for this, i just need to finish it with some other fixes for the latest web-vault version.

OVERLORD referenced this issue

2026-02-05 05:00:09 +03:00

[PR #1069] [MERGED] Skip cleanup of `arm32v6` arch-specific tags #2841

OVERLORD referenced this issue

2026-02-05 05:00:16 +03:00

[PR #1075] [MERGED] Push an extra `latest-arm32v6` tag #2843

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#1069