Agent installation fails with "Windows cannot verify the digital signature for this file"
Symptoms
Agent installation or update on Windows Server 2008 / R2, Windows 7, Vista fails with the following error:
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source
Cause
The issue is caused by SHA-2 digital signatures missing on older Windows systems.
Over the last months, stricter driver signing algorithm enforcement started happening on the Windows side, and Microsoft started using the modern and stronger SHA2/SHA256 cryptographic algorithm for signing code such as drivers and user-space executables. This is all part of the industry-wide initiative to phase out the use of SHA1, which has been deemed no longer sufficiently secure for a few years.
Acronis Agents, starting from C21.02 (Build 26570) have switched to using SHA2/SHA256-bit crypto signatures for the various kernel driver components which the Agent needs to operate.
More information can be found at 2019 SHA-2 Code Signing Support requirement for Windows and WSUS
Solution
The special update supporting SHA-2 code signing should be installed for older Windows platforms before trying to install Acronis Agent:
- Windows 7 SP1 / Server 2008 / Server 2008 R2 need to install the following security updates (or apply all available updates in Windows Update):
- Microsoft support for Windows Vista has ended in 2017. Windows Vista does not have a security update for SHA-2 support, so Acronis Cyber Protect Agent can no longer be installed on this operating system.
Related Articles
Issues when using backup agents newer than 15.0.26321(C21.01 HF1) on OSes related to Windows 7, when the SHA-2 code signing support patch/update from Microsoft is not installed
Affected environments: The issue happens on the following operating systems when when the SHA2/SHA256 support patches from Microsoft have not been installed, or have been installed only recently (after encountering problems with backups): Windows ...Acronis Cyber Protect Self Installation
Received activation email but not sure what to do next? We are here to help. Please follow these steps. Step 1 – Activating and Accessing your Acronis Console Your activation email should look like this. Click on “Activate account”. Now you ...Acronis Cyber Protect Cloud - Implementation Guide
1. Which agent do I need? Selecting an agent depends on what you are going to back up. The table below summarizes the information, to help you decide. In Windows, Agent for Exchange, Agent for SQL, Agent for Active Directory, and Agent for Oracle ...Acronis Cyber Protect Cloud: Agent installation fails with "Failed to install the Visual C++ Redistributable Package"
Symptoms Agent installation on a Windows machine fails with the following error: Error 0x627536: Failed to install the Visual C++ Redistributable Package Cause Windows Update KB2919355 is not installed on the system. This update is mandatory for ...Acronis Cyber Protect Cloud, Acronis Cyber Protect: Backup fails with "Failed to open the backup location. Windows error: (0x80070002) The system cannot find the file specified"
Symptoms Backup, replication or another activity fails with: The path <path> does not exist. For example: The path "F:/" does not exist. Or, in older builds: Windows error: (0x80070002) The system cannot find the file specified HideExample of full ...