
“Failed to retrieve certificate” When Adding AWS Snowball Edge Device


"Failed to retrieve certificate" when adding AWS Snowball Edge

KB ID: 4746
Product: Veeam Backup & Replication | 12 | 12.1 | 12.2 | 12.3 | 12.3.1 | 12.3.2
Published: 2025-06-26
Last Modified: 2025-06-26
Article Applicability

The error message documented in this article can also occur when the Service point specified is invalid or cannot be reached due to a firewall.

This article specifically addresses the situation in which the correct Service point has been provided, but Veeam Backup & Replication is unable to retrieve the certificate because AWS has released a new Snowball Edge device that uses an EMS extension on the TLS connection.

Challenge

When adding an AWS Snowball Edge device to Veeam Backup & Replication, the following error occurs:

Failed to retrieve certificate from <url>

Cause

Recent changes in the software used by the AWS Snowball Edge devices cause Veeam Backup & Replication to fail when attempting to retrieve the certificate.

Log samples:
cli      | -------------------------------------------------------------------------------
cli      | Network.RetrieveSslCertificate
cli      |   (EString) HostName = 10.0.0.42
cli      |   (EInt32) Port = 8443
cli      |   (EInt32) TimeoutSec = 60
cli      | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
net      | Retrieving certificate for 10.0.0.42:8443
net      | WARN|Handshake failed with 'sslv3 alert handshake failure'
net      | Retrieving certificate for 10.0.0.42:8443 Failed.
cli      | WARN|Failed to retrieve certificate, retrying
cli      | >>  |Failed to retrieve SSL certificate. Underlying error: sslv3 alert handshake failure
net      | Retrieving certificate for 10.0.0.42:8443
Info (3) [PublicCloudCertificateLoader] Loading certificate for 'https://10.0.0.42:8443'
Info (3) [AP] (23ee9c4a) command: 'Invoke: Network.RetrieveSslCertificate { (EString) HostName = 10.0.0.42; (EInt32) Port = 8443; (EInt32) TimeoutSec = 60; }'
Info (4) [AP] (23ee9c4a) output: <VCPCommandResult result="false" exception="Failed to retrieve SSL certificate. Underlying error: sslv3 alert handshake failure&#x0A;Agent failed to process method {Network.RetrieveSslCertificate}." />
Info (4) [AP] (23ee9c4a) output: >
Error (3) Failed to retrieve SSL certificate. Underlying error: sslv3 alert handshake failure
Error (3) Agent failed to process method {Network.RetrieveSslCertificate}.
Error (3) (System.AggregateException)
Error (3) Failed to retrieve SSL certificate. Underlying error: sslv3 alert handshake failure (Veeam.Backup.Common.CCppComponentException)
Error (3) Agent failed to process method {Network.RetrieveSslCertificate}.

Solution

Option 1: Force Veeam Backup & Replication to Connect Using HTTP

As the AWS Snowball device is a temporary local device, forcing connectivity via HTTP is the simplest way to enable access.

This registry value will function for all versions of Veeam Backup & Replication 12.x.

  1. On the Veeam Backup Server, create the following registry value.

    Key Location:
    HKLM\SOFTWARE\Veeam\Veeam Backup and Replication\
    Value Name: SOBRArchiveS3DisableTLS
    Value Type: DWORD (32-Bit) Value
    Value Data: 1

    PowerShell command to create the registry value:
    New-ItemProperty -Path 'HKLM:\SOFTWARE\Veeam\Veeam Backup and Replication\' -Name 'SOBRArchiveS3DisableTLS' -Value "1" -PropertyType DWORD -Force
  2. Connect to the AWS Snowball device using port 8080 (e.g., http://10.0.0.42:8080/).
  3. After the AWS Snowball device has left the environment, remove the registry value.
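
The last step of Option 1 is easy to forget, and while the value remains the connection to the device stays on HTTP. The following script is an added example, not part of the original Veeam article: it reports whether the value is still set and removes it when called with a hypothetical -Remove switch. Run it in an elevated session on the Veeam Backup Server.

```powershell
# Added example (not Veeam's own code): audit and clean up the Option 1 override.
# The -Remove switch is a name chosen for this example.
param([switch]$Remove)

# Key and value name as given in this article.
$key  = 'HKLM:\SOFTWARE\Veeam\Veeam Backup and Replication\'
$name = 'SOBRArchiveS3DisableTLS'

$prop = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
if ($null -eq $prop) {
    Write-Host "$name is not present under $key. Nothing to clean up."
    return
}

$value = $prop.$name
Write-Warning "$name is present with data '$value'. The HTTP override from Option 1 is still in place."

if (-not $Remove) {
    Write-Host 'Re-run with -Remove once the AWS Snowball device has left the environment.'
    return
}

Remove-ItemProperty -Path $key -Name $name -ErrorAction Stop

# Confirm the value is really gone before reporting success.
if (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue) {
    throw "$name is still present after removal; check permissions on $key."
}
Write-Host "$name removed."
```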

Option 2: Install Hotfix

A hotfix was developed for Veeam Backup & Replication 12.3.2. This hotfix replaces the VeeamAgent.exe executables used by the Veeam Backup & Replication software to connect to the AWS Snowball device, and must be implemented on the Veeam Backup Server and all Gateway Servers that will need access to the AWS Snowball device.

  1. Ensure that all jobs, restores, and tasks have reached a stopped state.
    All tasks must be stopped to ensure that the VeeamAgent.exe is not locked when attempting to replace it in the next step.
  2. On the Veeam Backup Server and all Gateway Servers that will need to access the AWS Snowball, replace the following files with the ones from the hotfix package:
    • C:\Program Files (x86)\Veeam\Backup Transport\x64\VeeamAgent.exe
    • C:\Program Files (x86)\Veeam\Backup Transport\x86\VeeamAgent.exe
  3. Reattempt adding the AWS Snowball device to Veeam Backup & Replication.
    Note: There is no need to restart any services, since the VeeamAgent.exe executables are only run by the services as needed.
Download Hotfix

Filename: KB4746_20240619_1008369.zip

MD5: 98C1D767F31A093A3904E79829691226
SHA1: 17A8C873BF7F655F3CD6E405E70612316D48A68B
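
Because the hotfix replaces executables on the backup server and gateway servers, check the downloaded archive against the published hashes before extracting it. The following pre-flight script is an added example, not part of the original Veeam article: it verifies both hashes, confirms that no VeeamAgent.exe process is running (step 1), and backs up the existing executables. The download location in $ZipPath and the .pre-KB4746.bak suffix are assumptions of this example.

```powershell
# Added example (not Veeam's own code): pre-flight checks before applying the KB4746 hotfix.
# $ZipPath is an assumed download location; adjust it to where the archive was saved.
param(
    [string]$ZipPath = "$env:USERPROFILE\Downloads\KB4746_20240619_1008369.zip"
)

# Hashes exactly as published in this article.
$published = @{
    MD5  = '98C1D767F31A093A3904E79829691226'
    SHA1 = '17A8C873BF7F655F3CD6E405E70612316D48A68B'
}

if (-not (Test-Path -LiteralPath $ZipPath -PathType Leaf)) {
    throw "Hotfix archive not found: $ZipPath"
}

foreach ($alg in $published.Keys) {
    $actual = (Get-FileHash -LiteralPath $ZipPath -Algorithm $alg).Hash
    if ($actual -ne $published[$alg]) {
        throw "$alg mismatch for $ZipPath (got $actual). Do not install this file."
    }
    Write-Host "$alg matches the value published in KB4746."
}

# Step 1 of the procedure: the agent executables must not be in use.
$running = Get-Process -Name 'VeeamAgent' -ErrorAction SilentlyContinue
if ($running) {
    Write-Host ($running | Format-Table Id, StartTime -AutoSize | Out-String)
    throw 'VeeamAgent.exe is still running; wait for all jobs, restores, and tasks to stop.'
}

# Keep a copy of each original executable so the change can be rolled back.
$targets = @(
    'C:\Program Files (x86)\Veeam\Backup Transport\x64\VeeamAgent.exe',
    'C:\Program Files (x86)\Veeam\Backup Transport\x86\VeeamAgent.exe'
)
foreach ($t in $targets) {
    if (Test-Path -LiteralPath $t) {
        Copy-Item -LiteralPath $t -Destination "$t.pre-KB4746.bak" -Force
        Write-Host "Backed up $t"
    }
}
```

Run it on the Veeam Backup Server and on each Gateway Server that will receive the replacement files.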
