This issue might sound quite similar to Duplicati won’t accept server DB encryption key after upgrade to 2.2.0.0_stable but the solution mentioned there seems not to work.
I had duplicati-2.1.0.5_stable_2025-03-04-win-x64-gui running on a machine (Win11 x64) with server DB encryption enabled:
"C:\Program Files\Duplicati 2\Duplicati.GUI.TrayIcon.exe" --secret-provider=wincred:// --settings-encryption-key=$duplicati-server
In Windows Credential Manager I had an entry with internet or network address: duplicati-server and the DB password in the password field.
I wanted to update Duplicati to duplicati-2.2.0.3_stable_2026-01-06-win-x64-gui and remembered the issue in the linked thread that Duplicati might have used the literal string "duplicati-server” instead of the password associated with that key for DB encryption. So I followed the instructions in the thread and first decrypted the DB:
C:\Windows\System32>"C:\Program Files\Duplicati 2\Duplicati.GUI.TrayIcon.exe" --settings-encryption-key=$duplicati-server --disable-db-encryption
Then I updated Duplicati using the installer and launched it using following parameters to re-encrypt the DB:
C:\Windows\System32>"C:\Program Files\Duplicati 2\Duplicati.GUI.TrayIcon.exe" --secret-provider=wincred:// --settings-encryption-key=$duplicati-server
Other then expected, Duplicati crashed, indicating that it does not find a credentials entry with the key duplicati-server:
C:\Windows\System32>Crash!
System.Collections.Generic.KeyNotFoundException: The key 'duplicati-server' was not found
at Duplicati.Library.SecretProvider.WindowsCredentialManagerProvider.ResolveSecretsAsync(IEnumerable`1 keys, CancellationToken cancellationToken)
at Duplicati.Library.Main.SecretProviderHelper.SecretProviderCached.ResolveSecretsAsync(IEnumerable`1 keys, CancellationToken cancellationToken)
at Duplicati.Library.Main.SecretProviderHelper.ReplaceSecretsAsync(ISecretProvider provider, Uri[] realUriArguments, Uri[] internalUriArguments, Dictionary`2 options, String matchpattern, CancellationToken cancelToken)
at Duplicati.Library.Main.SecretProviderHelper.ApplySecretProviderAsync(Uri[] realUriArguments, Uri[] internalUriArguments, Dictionary`2 options, String persistedFolder, ISecretProvider fallbackProvider, CancellationToken cancellationToken)
at Duplicati.Library.Utility.Utility.Await[T](Task`1 task)
at Duplicati.GUI.TrayIcon.Program.Main(String[] _args)
at Duplicati.GUI.TrayIcon.Net8.Program.<>c__DisplayClass0_0.<Main>b__0()
at Duplicati.Library.Crashlog.CrashlogHelper.WrapWithCrashLog[T](Func`1 method)
Unhandled exception. System.Collections.Generic.KeyNotFoundException: The key 'duplicati-server' was not found
at Duplicati.Library.SecretProvider.WindowsCredentialManagerProvider.ResolveSecretsAsync(IEnumerable`1 keys, CancellationToken cancellationToken)
at Duplicati.Library.Main.SecretProviderHelper.SecretProviderCached.ResolveSecretsAsync(IEnumerable`1 keys, CancellationToken cancellationToken)
at Duplicati.Library.Main.SecretProviderHelper.ReplaceSecretsAsync(ISecretProvider provider, Uri[] realUriArguments, Uri[] internalUriArguments, Dictionary`2 options, String matchpattern, CancellationToken cancelToken)
at Duplicati.Library.Main.SecretProviderHelper.ApplySecretProviderAsync(Uri[] realUriArguments, Uri[] internalUriArguments, Dictionary`2 options, String persistedFolder, ISecretProvider fallbackProvider, CancellationToken cancellationToken)
at Duplicati.Library.Utility.Utility.Await[T](Task`1 task)
at Duplicati.GUI.TrayIcon.Program.Main(String[] _args)
at Duplicati.GUI.TrayIcon.Net8.Program.<>c__DisplayClass0_0.<Main>b__0()
at Duplicati.Library.Crashlog.CrashlogHelper.WrapWithCrashLog[T](Func`1 method)
at Duplicati.GUI.TrayIcon.Net8.Program.Main(String[] args)
This is what Duplicati.CommandLine.SecretTool.exe reports when testing the credentials use:
C:\Program Files\Duplicati 2>Duplicati.CommandLine.SecretTool.exe test wincred:// duplicati-server
Exception: System.Collections.Generic.KeyNotFoundException: The key 'duplicati-server' was not found
at Duplicati.Library.SecretProvider.WindowsCredentialManagerProvider.ResolveSecretsAsync(IEnumerable`1 keys, CancellationToken cancellationToken)
at Duplicati.CommandLine.SecretTool.Program.RunTest(String secretUrl, String[] secrets)
at System.CommandLine.NamingConventionBinder.CommandHandler.GetExitCodeAsync(Object returnValue, InvocationContext context)
at System.CommandLine.NamingConventionBinder.ModelBindingCommandHandler.InvokeAsync(InvocationContext context)
at System.CommandLine.Invocation.InvocationPipeline.<>c__DisplayClass4_0.<<BuildInvocationChain>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass17_0.<<UseParseErrorReporting>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass12_0.<<UseHelp>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass22_0.<<UseVersionOption>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass19_0.<<UseTypoCorrections>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c.<<UseSuggestDirective>b__18_0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass16_0.<<UseParseDirective>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c.<<RegisterWithDotnetSuggest>b__5_0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass8_0.<<UseExceptionHandler>b__0>d.MoveNext()
Remembering the issues with characters such as - in the key name I added a second entry in Windows Credentials Manager without that character: duplicatiserver
However, the Duplicati.CommandLine.SecretTool.exe also does not find that entry:
C:\Program Files\Duplicati 2>Duplicati.CommandLine.SecretTool.exe test wincred:// duplicatiserver
Exception: System.Collections.Generic.KeyNotFoundException: The key 'duplicatiserver' was not found
at Duplicati.Library.SecretProvider.WindowsCredentialManagerProvider.ResolveSecretsAsync(IEnumerable`1 keys, CancellationToken cancellationToken)
at Duplicati.CommandLine.SecretTool.Program.RunTest(String secretUrl, String[] secrets)
at System.CommandLine.NamingConventionBinder.CommandHandler.GetExitCodeAsync(Object returnValue, InvocationContext context)
at System.CommandLine.NamingConventionBinder.ModelBindingCommandHandler.InvokeAsync(InvocationContext context)
at System.CommandLine.Invocation.InvocationPipeline.<>c__DisplayClass4_0.<<BuildInvocationChain>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass17_0.<<UseParseErrorReporting>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass12_0.<<UseHelp>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass22_0.<<UseVersionOption>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass19_0.<<UseTypoCorrections>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c.<<UseSuggestDirective>b__18_0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass16_0.<<UseParseDirective>b__0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c.<<RegisterWithDotnetSuggest>b__5_0>d.MoveNext()
--- End of stack trace from previous location ---
at System.CommandLine.Builder.CommandLineBuilderExtensions.<>c__DisplayClass8_0.<<UseExceptionHandler>b__0>d.MoveNext()
I think that I had used Duplicati.CommandLine.SecretTool.exe also in 2.1.0.5 and not encountered that error but is has been a long time since then, so I am not 100% sure. I thought I might verify that by downloading the duplicati-2.1.0.5_stable_2025-03-04-win-x64-gui.zip and running its Duplicati.CommandLine.SecretTool.exewithout installing it but it seems it can not run without installing, indicating a compatibility problem:
C:\Users\user\Downloads\duplicati-2.1.0.5_stable_2025-03-04-win-x64-gui>Duplicati.CommandLine.SecretTool.exe test wincred:// duplicati-server
Die Version von C:\Windows\system32\Duplicati.CommandLine.SecretTool.exe ist mit der ausgeführten Windows-Version nicht kompatibel. Überprüfen Sie die Systeminformationen des Computers, und wenden Sie sich anschließend an den Herausgeber der Software.
I still can launch Duplicati 2.2.0.3 if I omit the command line arguments but (as expected) it warns me that the server DB is currently unencrypted.
What could be preventing Duplicati 2.2.0.3 from successfully reading the server DB encryption password from Windows Credentials Manager?