diff --git a/app/Console/Commands/Integrity/RestoreOAuthKeys.php b/app/Console/Commands/Integrity/RestoreOAuthKeys.php
index 4144ebcfbe..a9bc0f1e78 100644
--- a/app/Console/Commands/Integrity/RestoreOAuthKeys.php
+++ b/app/Console/Commands/Integrity/RestoreOAuthKeys.php
@@ -74,8 +74,16 @@ class RestoreOAuthKeys extends Command
         }
         if ($this->keysInDatabase() && !$this->keysOnDrive()) {
             Log::debug('Keys are in DB and keys are not on the drive. Restore.');
-            $this->restoreKeysFromDB();
-            $this->line('Restored OAuth keys from database.');
+            $result = $this->restoreKeysFromDB();
+            if(true === $result) {
+                $this->line('Restored OAuth keys from database.');
+
+                return;
+            }
+            Log::warning('Could not restore keys. Will create new ones.');
+            $this->generateKeys();
+            $this->storeKeysInDB();
+            $this->line('Generated and stored new keys.');
 
             return;
         }
@@ -124,8 +132,8 @@ class RestoreOAuthKeys extends Command
     /**
      *
      */
-    private function restoreKeysFromDB(): void
+    private function restoreKeysFromDB(): bool
     {
-        OAuthKeys::restoreKeysFromDB();
+        return OAuthKeys::restoreKeysFromDB();
     }
 }
diff --git a/app/Support/System/OAuthKeys.php b/app/Support/System/OAuthKeys.php
index 646a28e328..97e0dcc8d5 100644
--- a/app/Support/System/OAuthKeys.php
+++ b/app/Support/System/OAuthKeys.php
@@ -27,6 +27,7 @@ namespace FireflyIII\Support\System;
 use Artisan;
 use Crypt;
 use FireflyIII\Exceptions\FireflyException;
+use Illuminate\Contracts\Encryption\DecryptException;
 use Laravel\Passport\Console\KeysCommand;
 use Log;
 use Psr\Container\ContainerExceptionInterface;
@@ -117,18 +118,30 @@ class OAuthKeys
     }
 
     /**
-     *
+     * @return bool
      */
-    public static function restoreKeysFromDB(): void
+    public static function restoreKeysFromDB(): bool
     {
         $privateKey     = (string)app('fireflyconfig')->get(self::PRIVATE_KEY)?->data;
         $publicKey      = (string)app('fireflyconfig')->get(self::PUBLIC_KEY)?->data;
-        $privateContent = Crypt::decrypt($privateKey);
-        $publicContent  = Crypt::decrypt($publicKey);
+        try {
+            $privateContent = Crypt::decrypt($privateKey);
+            $publicContent  = Crypt::decrypt($publicKey);
+        } catch(DecryptException $e) {
+            Log::error('Could not decrypt pub/private keypair.');
+            Log::error($e->getMessage());
+
+            // delete config vars from DB:
+            app('fireflyconfig')->delete(self::PRIVATE_KEY);
+            app('fireflyconfig')->delete(self::PUBLIC_KEY);
+
+            return false;
+        }
         $private        = storage_path('oauth-private.key');
         $public         = storage_path('oauth-public.key');
         file_put_contents($private, $privateContent);
         file_put_contents($public, $publicContent);
+        return true;
     }
 
 }