Follow

Backup failed - This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms

Problem

This error is logged when attempting backup from Kaseya: -

Backup failed - Backup process could not start because of the following error: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms. at System.Security.Cryptography.SHA256Managed..ctor() 
at SHAHashing.SHAHashing.CalculateSHA256(String text) 
at SHAHashing.SHAHashing.HashAndUnmask(String encryptedText, String keyMaskString) 
at KaseyaBackupCmd.KaseyaBackupCmd.GetUnmaskedPassword(String user, String coverPass, VSAEncryptionAlgorithm encryptionType) 
at KaseyaBackupCmd.KaseyaBackupCmd.DetermineNetworkPasswordToUse(String user, String coverPass, VSAEncryptionAlgorithm encryptionType, String acronisEncryptPath, String kaseyaTempDirectory, String& passwordToUse, NetworkPasswordType& passwordType) 
at KaseyaBackupCmd.KaseyaBackupCmd.RunVolumeBackup() 
at KaseyaBackupCmd.Program.Run(String[] args)

 

Cause

The Windows environment is configured to use FIPS encryption, which conflicts with encryption of agent credentials when running backups.

Solution

Disable FIPS compliant encryption policy in Windows on the Backup agent machine: -

1) Go to Start > Control Panel > Administrative tools > Local Security Policy. The Group Policy dialog appears. 
2) Under the "Local Policies" heading, select "Security Options" and look for the entry, "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing." 
3) If this entry is enabled, disable it.

Also check if similar policy is applied at domain level. If so, disable it there too.

4) open the registry editor and browse to the following path. Make sure this registry subkey is set to 1:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\fipsalgorithmpolicy

Applies to

Kaseya VSA (Backup module) - v6.5 and later

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.