My key had expired so I then needed to regenerate the key but now no matter what kind of key I generate I just am always getting this error message, even on the website directly (not only in browser extension)
I am editing public key manually via mysql and dropping got keychain + reimporting server key but nothing is fixing this issue. I was hoping there might be a flag I can enable that just bypasses this error message.
@Hwiggy can you confirm this is your user key that is expired?
Unfortunately there is no user interface to rotate expired user keys.
However there is a manual procedure that can be followed:
Remove the expiry date and export a public and private key without expiry (or new expiry date set in the future), using gnupg for example
Manually update the public key in the database under the gpgkeys table for this user, make sure you update both the armored key and the modified date (so that your colleagues can get the updated key also).
Remove the key from the gnupg keyring on the server
Perform an account recovery with the new private key
I have manually reset my key in the database many times to no avail.
I got the system to a point where I could log in, but decrypting any password immediately failed.
Ah, this might explain things.
Yeah it might be that I generated a new public key when I noticed mine was expired.
Not great, but perhaps I have a backup of my keypair.
I tested creating a new password and decrypting it, that worked fine with the new key stored on the server; I suppose this is a problem with my side then.
Okay so I was using the same public key as passbolt knew, but the problem was I had deleted the subkey that had expired, rather than changing the expiry. I guess I became a victim of my lack of encryption knowledge; I suppose this meant that passbolt (or gpg even) did not recognize that keys signed with a specific subkey applied to the existing public key.
Reimporting the expired subkey and properly changing the expiration date, then re-importing the public key on passbolt did the trick, and I have totally recovered my credentials.
Thank you very much.