PowerProtect Cyber Recovery: NetWorker Recovery Stops Responding With Error Unable to decrypt data

When running a NetWorker recovery activity from Cyber Recovery, the job finish with the error:

Unable to decrypt data.

The following message is seen in the Cyber Recovery apps.log (/opt/dellemc/cr/var/log/apps/apps.log):

[ERROR] [apps] [appsUtils.go:122 HandleNWResponse()] : Error response is : {Message:Unable to decrypt data: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt Status:{Code:500 Class:Server Error Reason:Internal Server Error}}

[2023-07-06 12:49:15.144] [DEBUG] [apps] [appsUtils.go:129 HandleNWResponse()] : Exiting

[2023-07-06 12:49:15.144] [ERROR] [apps] [RecoverNetWorkerApp.go:1248 NWUnmountDevices()] : Unable to get NW devices. NetWorker Error is Unable to decrypt data: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt

 
The following message is seen in the NetWorker daemon.log: 

backup.server nsrsnmd NSR warning 63 Unable to query NSR database for list of configured devices: %s 1 49 136 101059 26 Unable to decrypt data: %s 1 49 91 34245 2 %s 1 24 72 error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt

This is an issue with the NetWorker lockbox.

The Lockbox stores System Stable Values (SSV) in order to determine and validate the authenticity of the host, as the same host that should have access to the different NetWorker resources whose passwords are encrypted.

In order to decrypt and encrypt the password, the lockbox's stored host fingerprint is used. If the validation fails (that is, the system interprets there are many different SSV), the password decryption fails.

Intervention from Dell Technical Support personnel is required to assess and resolve this issue. Contact Dell Technical Support, and reference this Dell article ID.