Updating the omnibus container 8.x -> 8.11 launches without error, but then runs into OpenSSL::Cipher::CipherError instead of informing about an outdated config right at launch

Since recently (might or might not be related to a recent minor upgrade), I get a 500 error trying to access any of my project pages (project admin settings, git push, issue tracker still work fine). I see the following entries inside /var/log/gitlab/gitlab-rails/production.log:

Started GET "/JonasT/wobbly" for 172.17.0.4 at 2016-08-27 21:01:16 +0000
Processing by ProjectsController#show as HTML
  Parameters: {"namespace_id"=>"JonasT", "id"=>"wobbly"}
Completed 500 Internal Server Error in 58ms (ActiveRecord: 10.4ms)

OpenSSL::Cipher::CipherError (bad decrypt):
  app/models/project.rb:489:in `import_url'
  app/models/project.rb:525:in `external_import?'
  app/models/project.rb:517:in `import?'
  app/models/project.rb:533:in `import_in_progress?'
  app/controllers/projects_controller.rb:94:in `show'
  lib/gitlab/request_profiler/middleware.rb:15:in `call'
  lib/gitlab/middleware/go.rb:16:in `call'

Other past issues with this error seem to indicate a problem with one of those files:

  • /var/opt/gitlab/gitlab-rails/etc/secrets.yml
  • /etc/gitlab/gitlab-secrets.json

However, both files are still present and there is at least nothing obviously wrong with them. (I use the gitlab-ce omnibus container and they are in persistent volumes on the host, so I didn't wipe or replace them or anything when upgrading.)

Is there anything obvious I can do to repair this? I did briefly upgrade OpenSSL to a slightly newer version but reverted it due to other unrelated reasons; is this potentially the cause? Do I need to recreate all my projects manually with exporting/importing the issues etc., or is there a simpler way? (Because that sounds like a lot of potentially unnecessary manual work.)