69885: Acronis Cyber Protect Cloud, Acronis Cyber Protect 15: Agent installation fails with "Windows cannot verify the digital signature for this file"

Last update: 15-08-2022

Symptoms

Agent installation or update on Windows Server 2008 / R2, Windows 7, Vista fails with the following error:

Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source

Cause

The issue is caused by SHA-2 digital signatures missing on older Windows systems.

Over the last months, stricter driver signing algorithm enforcement started happening on the Windows side, and Microsoft started using the modern and stronger SHA2/SHA256 cryptographic algorithm for signing code such as drivers and user-space executables. This is all part of the industry-wide initiative to phase out the use of SHA1, which has been deemed no longer sufficiently secure for a few years.

Acronis Agents, starting from C21.02 (Build 26570) have switched to using SHA2/SHA256-bit crypto signatures for the various kernel driver components which the Agent needs to operate.

More information can be found at 2019 SHA-2 Code Signing Support requirement for Windows and WSUS

Solution

The special update supporting SHA-2 code signing should be installed for older Windows platforms before trying to install Acronis Agent:

Tags: