As it's mentioned in some of the KB articles previously listed,Ops Manager would import the database data in the installation file first, then try to decrypt the included installation.yml file using the given decryption passphrase. The decryption process involves verifying the given decryption passphrase against the data stored in the encryption_keys and application_unlock_infos tables in tempest_production database. 

In this case it's found the database data was not imported successfully, which caused no data records in the aforementioned tables. For example,

ubuntu@opsmanager-3-0:~$ sudo -u tempest-web psql tempest_production
psql (15.12)
Type "help" for help.

tempest_production=# select * from encryption_keys;
 id | salt | created_at | updated_at
----+------+------------+------------
(0 rows)

tempest_production=# select * from application_unlock_infos;
 id | passphrase_digest | eula_accepted
----+-------------------+---------------
(0 rows)

Therefore, the decryption process would fail even if the correct passphrase was given.

Review logs under folder /var/log/opsmanager on Ops Manager VM to understand why the data is not imported successfully into the tempest_production database, and fix the problem if possible. 

If the reason could not be figured out, probably the new Ops Manager VM had not been properly deployed either manually or through pipeline. Try to delete the newly deployed Ops Manager VM from infrastructure and deploy it again. Check for any issue/error during deployment. If nothing abnormal is observed, then attempt to import the installation file again on Ops Manager web UI and input correct decryption passphrase when being asked. If issue still persists, contact Tanzu support for further assistance.