Resolve issues with encryption key

This article talks about how to fix the issues caused by the encryption key not being moved together with DB dump to the other environment.

Affected products and versions

  • Adobe Commerce on cloud infrastructure 2.2.x, 2.3.x


After importing a database dump from Production to Staging/Integration environments, saved credit card numbers appear wrong and/or payments fail for payment integrations requiring usage of merchant credentials.


The encryption key used to encrypt sensitive data, like credit card numbers and merchant credentials, is not stored in the database, and therefore does not get transferred to other environment after database dump import/export.


You need to copy the encryption key from the source environment and add it to the destination environment.

To copy the encryption key:

  1. SSH to your project that was the source for the database dump, as described in SSH to environment in our developer documentation.
  2. Open app/etc/env.php in a text editor.
  3. Copy the value of key for crypt.
return array ('crypt' =>      array ('key' => '<your encryption key>', ),);

To set the key value for the destination project:

  1. Open the Cloud Console and locate your project.
  2. Set the value of the CRYPT_KEY (in our developer documentation) variable, as described in Configure your project in our developer documentation. This will trigger the deployment process and CRYPT_KEY will be overridden in the app/etc/env.php file on every deployment.

Optionally, you can manually override the encryption key in the app/etc/env.php file:

  1. SSH to the destination environment.
  2. Open app/etc/env.php in a text editor.
  3. Paste the copied data as the key value for crypt.
  4. Save the edited env.php.
  5. Clean cache on the destination environment by running bin/magento cache:clean or in the Commerce Admin under System > Tools > Cache Management.