Certificate renewal errors for Backblaze b2
I'm using Cloudberry Backup Personal Edition
for Linux, running on Debian, but I've been running into problems with the new upstream Backblaze B2 certificate not being trusted after the old one expired, even after I tell Cloudberry to trust it.
Specifically, a week ago my scheduled backups started reporting errors, which turned out to be from an invalid certificate. The Backblaze B2 cert had expired, which would happen every year. When I went to edit the backup storage settings, the Cloudberry app (with a pop-up dialog) gave me an option to trust the new certificate, which expires almost a year from now.
I checked the certificate and clicked the Trust Certificate button, but a few seconds later the same dialog displays again. It displays repeatedly every time I click the Trust Certificate button. The backups continue to fail. Even if I attempt to create a *new* backup storage configuration with a new app ID from Backblaze, Cloudberry displays the same behaviour.
If I open Cloudberry Backup's network settings, it tells me that the new certificate which expires a year from now is trusted. Furthermore, if I browse to my /opt/local/Online Backup/00000000-0000-0000-0000-000000000000/config/certs directory and view the contents of the trustedCerts.pem file, I can see multiple copies of the same cert. With some experimentation, I think it's appending the new certificate to that file every time I click the Trust Certificate button, but for whichever reason the rest of the app doesn't seem to recognise it as trusted. I've experimentally tried a couple of full system restarts, just in case there's a service somewhere that needed to refresh its view of the cert file, but that hasn't worked either.
I *can* get backup's to work if I edit Cloudberry Backup's network settings and tell it to ignore SSL certificates, but obviously this isn't ideal because I'd like it to be verifying the backup destination with SSL.
Does anyone happen to know if this is a known issue, and has it been fixed in a more recent version? I hadn't realised until now that my licence expired in August. I can't see anything obvious in the release notes I can find, but it's very possible I've missed something. I'll happily renew it to download the latest version, but if the product's going to keep doing this then I'm not sure I want to pay for an update.
Thanks for any help.
check this post to see if the solution helps.
Hi David. Thanks for the reference but unfortunately I can't figure out how to apply it to my situation. That thread seems to be referring to some kind of Windows key exchange bug, but I can't see how it'd apply to Cloudberry Backup running in Linux. (Apologies if I've missed something in that thread.)
As far as I can tell, the problem I'm having seems to more to do with Cloudberry Backup simply refusing to acknowledge an updated cert from Backblaze B2, even after I've told it to trust it. It just repeatedly asks me to trust the certificate, then acts as if it hasn't noticed I clicked the Trust button whilst still appending identical copies of the new certificate to its trustedCerts.pem configuration file.
Let me check with Support.
supports recommending you upgrade to the latest version of the product, as that version has resolved similar issues with other customers.
Sign in or register to add a comment.
Add a Comment
Welcome to MSP360 Forum!
MSP360 Managed Products
Managed Backup - General
Managed Backup Windows
Managed Backup Mac
Managed Backup Linux
Managed Backup SQL Server
Managed Backup Exchange
Managed Backup Microsoft 365
Managed Backup G Workspace
Backup for Linux
Backup SQL Server
Connect Free/Pro (Remote Desktop)
Cloudberry Linux / Backblaze B2 - file count issue
File restore from Backblaze B2 bucket using Cloudberry
Cloudberry (Linux) backup to Backblaze B2
Backblaze B2 - what lifecycle settings for bucket I should use?
Terms of Service
Useful Hints and Tips
Created with PlushForums
© 2023 MSP360 Forum