After changing the Opsman decryption passphrase you see the following error after logging into Opsman:

500 An error occurred.
Contact VMware Technical Support to report the problem.

Back to dashboard

TempestEncryptor::DecryptError

bad decrypt

When trying to use the old decryption passphrase you see an error: Decryption passphrase is incorrect

The Opsman installation files did not get re-encrypted with the new passphrase

1. First, SSH into Opsman and copy your installation files to a safe space

   • cp /var/tempest/workspaces/default/installation.yml /home/ubuntu
     cp /var/tempest/workspaces/default/actual-installation.yml /home/ubuntu

   • It is recommended to store these files somewhere outside the Opsman VM too in case you need to restore them
2. Next, Follow the steps in this KB with the following modifications:
   • On step 2, use your old passphrase before you changed it. If it fails to decrypt on this step, this KB doesn't apply to you and you should open a case with Tanzu Support
   • Skip Step 3
   • On Step 4, use your new decryption passphrase that you changed via Opsman
3. Restart Opsman
   • sudo service tempest-web restart
4. You should be able to unlock Opsman with your new decryption passphrase now