Skip to main content

Hi Community,

Recently i install Veeam Agent on Windows Server 2008 R2 via VBR 12 Inventory and got an error  

Failed to Verify C:\Windows\Veeam\Backup\Upload\VeeamDeploymentDll.dll Signature

 

I found this page https://www.veeam.com/kb4677 and explain 2 possible causes

  1. Antivirus Block → 
  1. Root and Intermediate CA is missing

To confim the issue we look at C:\ProgramData\Veeam\Backup\Svc.VeeamInstaller.log and got

Failed to verify file using the Authenticode provider. Verification status: A certificate chain could not be built to a trusted root authority. (-2146762486), last error: A certificate chain could not be built to a trusted root authority.

 

All are pointing to Certificate Issue, so i install all CA listed on Veeam here https://helpcenter.veeam.com/docs/backup/vsphere/trusted_root_certificates.html?ver=120.

After installing all CA still got same issue here. Are i missing something here? 

Any insight would be appreciated!

 

Hey hey, 

 

With Win2008, might just be that the version of Veeam you’re using required a certificate that’s no longer required in newer versions

 

C:\program Files\Veeam\Backup and Replication\Backup\Packages

Look for the VeeamInstallerSvc.msi there (on the Backup Server itself) and follow the SigCheck instructions from this KB: https://www.veeam.com/kb2566

See which is not on the machine.


@rifkifn  Windows 2008 R2 only supported SHA-1 originally. Veeam binaries are signed with SHA-256

Make sure that update KB3033929 and KB4474419 is installed in the OS to verify the Veeam binaries that are signed with SHA-2

https://support.microsoft.com/en-us/topic/microsoft-security-advisory-availability-of-sha-2-code-signing-support-for-windows-7-and-windows-server-2008-r2-march-10-2015-d1b1b28c-b7fa-2902-f5a2-dc533812df7a