Horizon recently introduced the server side encryption feature that secures files with AES-256-CTR encryption on the server side.
When uploading files with server side encryption enabled, uploaded files are subsequently encrypted on the server with a randomly generated password (key) that is discarded after use. Horizon does not keep track of server side encryption keys, as this would defeat its purpose. Users are responsible for keeping record of these keys if they wish to decrypt it at a later date.
"Unable to decrypt" means that the key provided in the URL (the text after the ?k=
query parameter) was empty or incorrect.
Decryption requires the original generated key, otherwise nobody, including Horizon staff and operators, can decrypt it, as we do not keep track of keys.
If you did not store the decryption key, the best course of action is to delete the file and re-upload if possible.