On May 3rd, 2020, the root certificates that Datto uses to encrypt communication between Datto backup devices and agents is due to expire. In late March, Datto released new agent software to automatically update these certificates. This means that backup points that you created prior to these updates could restore to a state where certificates are expired and may require additional steps after restoration to ensure backups can resume.
- Datto SIRIS
- Datto ALTO
- Datto Windows Agent
- Datto Linux Agent
- ShadowSnap Agent
- Datto Bare Metal Restore
- Datto Image Export
- Datto Rapid Rollback
If, after restoring a system via bare metal restore, image export or rapid rollback, your Datto device displays a banner stating that certificates have expired on your restored agents. You will need to take one or more of the actions listed below.
1. Check the Agent version on your restored machine
Ensure that you have the latest version of the agent software on the machine If you cannot update to the latest version, at a minimum, you will need to be on the latest minor update for the version you are currently using. To determine your current agent version number see How to find your current agent versions below.
Datto Windows Agents
No action should be needed if you are on any of the following versions of DWA:
- DWA 22.214.171.124
- DWA 126.96.36.199
- DWA 188.8.131.52
- DWA 184.108.40.206
- DWA 220.127.116.11 or newer
If a restored machine is not on one of the above versions of DWA, you need to update to the latest version of the Datto Windows Agent (click to download), or for legacy Windows XP, 2003 or Vista machines version 2.0.12 (click to download).
Datto Linux Agents
You need to be running the newest Datto Linux Agent version that is compatible with your Linux distribution. For steps to configure your agent to update to the latest Datto Linux Agent version automatically, see SIRIS, ALTO, and NAS: Creating an auto-update script for the Datto Linux Agent.
For a full list of supported Linux distributions, see SIRIS, ALTO, and NAS: Datto Linux Agent supported Linux distributions.
No update should be required, but we recommend the latest version.
2. Check the IRIS (IBU) version on your Datto device
Verify that all your Datto devices have the newest IRIS release 3.97 installed. This update was pushed automatically from Datto, but you'll want to check to ensure it is installed on your Datto device. You can check which IRIS version you are currently running by going to the homepage of your device GUI, either locally or via the Datto Partner Portal. You'll see the IRIS version listed at the top of the page under Device Information. The first listing next to VERSION is your IRIS version.
How to find your current agent versions
If you're unsure which agent software versions your agents are running; you can generate a full report using Device Audit on the Partner Portal. When creating a Device Audit report, make sure to click Edit before running the report and ensure you've checked the following boxes under Volume Fields:
- Group with device
- Agent Version
The below video walks you through the steps required to check your software version numbers and update your software if needed.
If you require any assistance with this process, contact Datto Technical Support.