Rapid Recovery

Trying to install a cert for the Rapid Recovery Agent

Has anyone had any success installing a certificate for the Rapid Recovery Agent?  When I put in the thumbprint and restart the recovery service, it replaces the thumbprint I entered.  I was following kb 117531.  Any help would be appreciated.  Thanks!

  • This has never worked for us. I have opened cases and they cant figure out a solution. So there is always a warning when trying to open the Rapid Recovery GUI. It is embarrassing because it comes up at almost every install. Support will give you work-around's (but none seem to work) and tell you this cant be fixed

    226273 is another TN but it does not solve the issue either.
  • Thanks for the info. It's crazy that Quest hasn't fixed this issue by now.
  • I installed an agent certificate a few times without facing any issues at all. In my case the customers had to use SHA-2 certificates while keeping AppAssure 5.4.3 agents.
    Basically I created a self signed certificate with an exportable key (won't work otherwise), copied it in the Certs Store on the Agent -- Trusted Root Certification Authority, enabled it specifically for all purposes and replaced the thumbprint in the Agent Registry. The idea is that when the agent starts up it checks the thumbprint in the Certificate store and if it finds it, it uses the certificate already there. Please note that you need to replace the Cert thumbprint for two reg key values (AppAssure/RapidRecovery can use two certificates if needed but you are fine with just one).
    The Agent protection needs to be repaired as the core has the old agent certs.
    If you are using an AppAssure 5.4.3 core, there is a patch that makes it understand SHA-2 certs.

    Just two caveats:
    1. If you create your own cert, it will be placed most likely in your Personal Certs Store branch. You need to export it (including the key) and re-import it in the Trusted Root Certs Store.

    2. If you install a Sha2 cert, the thumbprint is still sha1 -- this is normal as the thumbprint is used just in place of the cert name.

    Hope that this helps.

    Anyway, that is all that is to it. If you have some difficulties implementing the solution, please open a case with us.

  • I had a case open and when the work-around's failed, the exact reply to me was "Thank you for the reply, unfortunately at this point we only have those workarounds for this certificate issue" No further troubleshooting was available

    I think we (I) are talking about 2 different issues. I was talking about the fact that opening the Core Console constantly gives warnings and you have to click through several things to get it to open. That is what is embarrassing
  • In my case I did not have such an issue. Do you still have the case# so I take a look?