+ Start a Discussion
Alexis KasperaviciusAlexis Kasperavicius 

Dataloader: 'Encryption Key Unavailable' error

When attempting to use Salesforce dataloader 52.0.0/Mac to log into a production org I get the following error:
 
Encryption Key Unavailable
The encryption key number 1 used to encrypt this data was deleted. Contact your administrator to get access to the data.

I can log into Sandbox instances and I can log into production using other (Mac) machines, it's just this one machine so it's obviously a local problem.

I'm NOT using encryption keys in this vanilla org (Sales/Service).

I have deleted and reinstalled Dataloader several times, deleted everything else I can think of, folders, etc. with no luck.

Any suggestions? What hidden files does data loader use for encryption and how can I find them/delete them or what am I missing? 

Thanks much for any ideas.

Alex
Best Answer chosen by Alexis Kasperavicius
Alexis KasperaviciusAlexis Kasperavicius
This turned out to be very specific problem, but I was able to solve it and will detail what I did to fix it in case anyone else hits it, since the errors aren't immediately clear.

In a nutshell: The problem was caused by a previously cached, expired encryption key on the machine and a non-whitelisted IP address.

Within a period of a few months this is what had happened:
  • The org's Master Encryption Key (in Certificate and Key Management) had expired and was replaced with a new one
  • The administrator had opted to delete the expired key
  • The computer in question had been moved to a new location
  • The administrator forgot to add the IP range of the new location
  • The user had upgraded Dataloader to the latest version
Therefore the computer worked for a while, but when dataloader was upgraded, the cache it used with the key was cleared.

User login history then showed 'Failed: Computer activation required' — Note for some reason, while I could reach the Dataloader Partner screen to allow access, which should have fixed it, it was still being rejected. Therefore I added the IP range of the user's computer and it cleared.

After adding the IP range of the new office, the problem cleared.

All Answers

SwethaSwetha (Salesforce Developers) 
HI Alex,
Can you check the login URL? Also, see if there are any references in process-conf.xml (https://developer.salesforce.com/docs/atlas.en-us.dataLoader.meta/dataLoader/command_line_create_config_file.htm)  

Related: https://salesforce.stackexchange.com/questions/20798/master-encryption-key-1-has-already-been-deleted

If this information helps, please mark the answer as best. Thank you
Alexis KasperaviciusAlexis Kasperavicius
This turned out to be very specific problem, but I was able to solve it and will detail what I did to fix it in case anyone else hits it, since the errors aren't immediately clear.

In a nutshell: The problem was caused by a previously cached, expired encryption key on the machine and a non-whitelisted IP address.

Within a period of a few months this is what had happened:
  • The org's Master Encryption Key (in Certificate and Key Management) had expired and was replaced with a new one
  • The administrator had opted to delete the expired key
  • The computer in question had been moved to a new location
  • The administrator forgot to add the IP range of the new location
  • The user had upgraded Dataloader to the latest version
Therefore the computer worked for a while, but when dataloader was upgraded, the cache it used with the key was cleared.

User login history then showed 'Failed: Computer activation required' — Note for some reason, while I could reach the Dataloader Partner screen to allow access, which should have fixed it, it was still being rejected. Therefore I added the IP range of the user's computer and it cleared.

After adding the IP range of the new office, the problem cleared.
This was selected as the best answer