Apex Code Development You need to sign in to do that
Don't have an account?
Raphaël Jozeau 8 Unable to login to new sandbox - Encryption Key Unavailable
Hi,
For a Salesforce Org, in Production a Master Encryption key has been setup. I tried to create a sandbox, but, when I login, I cannot access a screen, I have the following error message :
Encryption Key Unavailable
The encryption key number 1 used to encrypt this data was deleted. Contact your administrator to get access to the data.
It makes it impossible to use the sandbox. Does any of you every had a similar issue? Or a clue how to solve this?
Thanks in advance !
Raphaël
- Your Encryption Key might be deleted by other user
- Your Encryption Key was not copied as part of the salesforce refresh
Please checkExport and delete keys with care. If your key is destroyed, you must reimport it to access your data. You are solely responsible for making sure your data and keys are backed up and stored in a safe place. Salesforce cannot help you with deleted, destroyed or misplaced k
Thanks a lot for your answer !
Indeed I believe the key was not copied as part of the refresh, but since it's a DEV sandbox, I have no data at all, so it's strange I cannot access a single page.
Just to be sure : your suggestion is to archive (store securely) and delete the encryption key in Production, then make another sandbox?
Refreshing a sandbox from a production org creates an exact copy of the production org. If Shield Platform Encryption is enabled on the production org, all encryption settings are copied, including tenant secrets created in production. Once a sandbox is refreshed, tenant secret changes are confined to your current org. This means that when you rotate or destroy a tenant secret on sandbox, it doesn’t affect the production org.
As a best practice, rotate tenant secrets on sandboxes after a refresh. Rotation ensures that production and sandbox use different tenant secrets. Destroying tenant secrets on a sandbox renders encrypted data unusable in cases of partial or full copies.
So try importing the same key from production once and test it, that might help else unfortunately you need to refresh the sandbox org again.
Let us know if the above workaround helps.
I'm having a similar issue.
I'm able to log into Production with no issue. I refreshed a Dev sandbox (iow no data) and when I login in, I'm prompted to connect it to the Salesforce Authenticator App. Able to add the login no problem and then get the same message that Raphaël reported.
The org does not have shield enabled and I went to Security Keys and it is present and not deleted.
Is there something that's changed in how Sandbox refresh needs to be preformed so that the key is copied from production? I logged out and logged back in to the sandbox and it prompts me to reconnect the login to MFA Salesforce Authenticator app so I figure something got messed up, but not sure how to resolve since I can't access any of the Setup menu items to add a key.