Hi, the answer to your question is that environment variables used for a config setting DO need to be uppercased. The documentation about this can be found in Docker configuration: https://www.elastic.co/guide/en/kibana/current/docker.html#environment-variable-config as environment variables are often used to run customized Docker containers.
If the environment variable with your encryption key can't be found by Kibana, it will generate a random one, which means other Kibana instances have different encryption keys, and they'll only be allowed to decrypt the reports they created... until they restart.
If Kibana is generating a random encryption key, a warning log about this will be printed in the Kibana console at startup.