Skip to main content

Troubleshooting

Quick Diagnosis

# Check container status
docker ps | grep encrypt-data

# Check recent logs
docker logs encrypt-data --tail 50 2>&1 | grep -i error

# Test encryption endpoint
curl -X POST http://localhost:8080/transactions \
  -H "Content-Type: application/json" \
  -d '{"card_number": "4532123456789010", "email": "[email protected]"}'

Common Issues

Encryption key errors

Cause: Key not set or wrong format

# Check if key environment variable is set
echo ${ENCRYPTION_KEY:0:10}...

Fix: Ensure key is proper length and format:

# Generate a valid 256-bit key
export ENCRYPTION_KEY=$(openssl rand -base64 32)

Fields not being encrypted

Cause: Field names don't match config or fields are nested

# Check logs for field names
docker logs encrypt-data --tail 20 2>&1 | grep -E "(card|email|ssn)"

Fix: Handle nested fields explicitly:

- mapping: |
    root.payment.card_number = this.payment.card_number.encrypt_aes("${ENCRYPTION_KEY}")

Decryption fails

Cause: Wrong key version or corrupted ciphertext

Fix: Always store key version with encrypted data:

root.card_encrypted = {
  "ciphertext": this.card_number.encrypt_aes("${KEY}"),
  "key_version": env("KEY_VERSION")
}

Performance degradation

Cause: Encrypting too many fields or large payloads

docker stats encrypt-data --no-stream

Fix: Only encrypt truly sensitive fields, batch small messages:

batching:
  count: 100
  period: 1s

Still stuck?

  1. Add debug logging: logger: {level: DEBUG}
  2. Check the Complete Pipeline for reference config
  3. Review Encryption Patterns for advanced patterns