The R1Soft Server Backup Manager is one of the most popular backup utilities for use by server vendors and MSPs, but the software have many issues that exists due to poor maintenance of their codebase.

Recently I ran into issues when attempting to send mail using the built-in reporting feature where it would refuse to connect to a mailserver.
In this case the issue in this case was caused by R1Soft not providing support for the latest Sectigo CA-bundle within their CA certificate store and I suspect there is many other certificate vendors that they do not provide support for.

The issue is fairly easy to resolve and for the sake of keeping this easy I have created the following script that rebuilds the CA-bundle automatically.

#!/bin/bash
set -e
CAFN="cacert-$(date +"%m_%d_%Y").pem"
CAS="https://curl.haxx.se/ca/cacert.pem"

curl -o /tmp/${CAFN} ${CAS}
if [ -f "/tmp/${CAFN}" ] ; then
  java -jar keyutil-0.4.0.jar --import --new-keystore cacerts --password changeit --import-pem-file /tmp/${CAFN} --force-new-overwrite
fi

read -p "Overwriting existing CA-bundle in R1Soft folder. Are you sure? y/n " -n 1 -r
printf "\n\n"
if [[ $REPLY =~ ^[Yy]$ ]] ; then
  mv /usr/sbin/r1soft/jre/lib/security/cacerts /usr/sbin/r1soft/jre/lib/security/cacerts_bk_$(date +"%Y%m%d")
  cp -f cacerts /usr/sbin/r1soft/jre/lib/security/cacerts
  echo "Done! The CA-certificate bundle should be valid once SBM daemon have been reloaded."
else
  echo "Done! The bundle have been saved in $(pwd)/cacerts."
fi

For the script to work, install Java and download a copy of keyutil in the folder you wish to run the script from.