Did an update break restic's ability to connect to B2 in Windows?

Hey everyone. Edited this post to make it more clear.

I love restic and I am going to post about the amazing success I have achieved with it using a bit of in a separate message. But I am kind of in trouble and could really use some assistance if anyone can help.

A Windows 10 machine I had backing up to b2 (and working amazingly) simply stopped a few days ago. It is now hanging trying to open the repo. I have accessed the b2 repo (and added data) since from another location successfully so it isn’t the repo (and the repo passes a restic check).

I initialized a local repo on the machine to rule out the binary being corrupted or malware-blocker stopping the binary from executing. The local repo works fine.

Returning to my problem with B2, It hangs with absolutely no information except “Opening repository” even in verbosity 2 so I have absolutely no clue what is going on. Not aware of any change in networking or anything at the site or on the machine it runs on EXCEPT windows update. This leads me to wonder if this is a certificate issue or if a recent windows update has screwed me up or what might be causing this.

I have reviewed the windows system event viewer and do not see anything showing up there.

Is there a way to get a very detailed log out of Restic?

Any help or advice appreciated.

Did I understand correct that restic hangs also with a completely local repo?

No I am sorry, the opposite. It is NOT hanging with a local repo. It’s B2 that has suddenly stopped working after working hundreds of times before. Oh my god I totally worded that horribly. I am going to edit the post.

Out of curiosity, are you using the b2 S3 backend, or just the regular b2 backend? Whichever you’re using, you might try the other. Details in the documentation.

You might also downgrade to v0.14 - I’ve had a lot of trouble with v0.15.1 lately, though mostly with lock timeouts with b2 and SharePoint via Rclone.


Thank you, a new feature!! I remember looking years ago and there didn’t seem to be a way!

Oh I just realized you provided both answers, akrabu. Thanks so much. SO, I learned some interesting stuff today. I am going to post about it comprehensively here in the hopes it will save someone else the days (and maybe weeks) of anguish I suffered.

The log file tip was a huge help and produced this error: x509 certificate is valid for (machine at spscld.net) not (machine at backblazeb2.com)

I did try reconfiguring for S3 and got essentially the same error except it went further and told me that the failure happened on trying to open the config file. I had seen in the debug log that it was endlessly retrying accessing the config file so I had already found some posts about missing config files. Same repo was working from another machine on another network, so I was starting to think there was a man in the middle attack going on or something. And it turns out I was kind of right.

The internet service of the organization I was working on backing up is Comcast Business and a feature had somehow been turned on called SecurityEdge. It has several features intended to protect from Phishing attacks and also some web content filtering and I am not sure which feature we got caught up in. My guess would be the phishing protection.

The moment I turned that off and ran a backup configured for B2 it ran with no errors. Comcast was the man in the middle. Honestly I would like to use the anti-phishing features with comcast, so I have to figure out how to get backblaze on the allowed list. In any event, hopefully posting this will help someone else in the future. If your error message simply says the config file is missing, dig deeper and make sure it’s not a mismatch of the machine/domain names on the certificate.

Thanks everyone.