Issue: From August 2025 onwards, the 22.1.4 images encrypt the default.conf data. As a result a snapshot rollback from this release to any old releases 22.1.4 or lower that maintain cleartext data will fail.
Workaround:
Here are steps for the rollback for the two cases.
Case A: Before rollback is initiated.
Step 1 : Before performing snapshot rollback , please execute the script decrypt_default_conf.sh which will write the plain text default.conf into /tmp/default.conf .
Sample execution :
[Administrator@GaneshDev: vinay] $ sudo ./decrypt_default_conf.sh
Using decrypted keys via decrypt_content.py for updating pg pass
[Administrator@GaneshDev: vinay] $ echo $?
0
[Administrator@GaneshDev: vinay] $
[Administrator@GaneshDev: vinay] $ sudo cat /tmp/default.conf
CONFD_API_USER=restuser
JAVA_MAIL_USERNAME=activate@versa-networks.com
PRIVATE_KEY_PASSWORD=versa123
ENCRYPTION_UTIL_KEY=versa123versa123
BACKUP_ENCRYPT_KEY=pviQMdsp.c12viiGsMWC@
CONFD_API_PASSWORD=versa123
JAVA_MAIL_PASSWORD=Versa@123
PG_DATABASE=vnms
ZTP_URL_PASSWORD=versa123versa123
NETBOX_API_TOKEN=ae5140c21feaf81cfef386ff96b24041f48f995c
PG_USERNAME=vnms
PG_PASSWORD=qS83ZnB76Uz5M3K9UQgbMl08y4aZBlcb
PG_IPAM_DB=netbox
KEYSTORE_PASSWORD=versa123
NETBOX_SECRET_KEY=r8OwDznj!!dciP9ghmRfdu1Ysxm0AiPeDCQhKE+N_rClfWNj
[Administrator@GaneshDev: vinay] $
Step 2 : Copy the /tmp/default.conf to /var/versa/vnms/data/conf/default.conf
Sample :
sudo cp /tmp/default.conf /var/versa/vnms/data/conf/default.conf
Step 3 : Trigger the rollback from CLI: request system rollback to XXXXX
Step 4 : vsh restart
Step 5 : rm –rf /tmp/default.conf
------------------------------------------------------------------------------
Case B: When snapshot was already triggered before performing above steps.
Step 1 : Delete plain text entries from /var/versa/vnms/data/conf/default.conf and perform the above 4 steps of scenario 1
