diff --git a/SOURCES/rear-bz1743303-rubrik.patch b/SOURCES/rear-bz1743303-rubrik.patch
index 546cdd1..dce5106 100644
--- a/SOURCES/rear-bz1743303-rubrik.patch
+++ b/SOURCES/rear-bz1743303-rubrik.patch
@@ -1,27 +1,3 @@
-From 9a2e5bf96df70883fc5978471f72d6bd697116e0 Mon Sep 17 00:00:00 2001
-From: Damani <damani@rubrik.com>
-Date: Thu, 26 Sep 2019 08:27:53 -0600
-Subject: [PATCH] Support for Rubrik
-
----
- .gitignore                                    |   3 +
- doc/user-guide/16-Rubrik-CDM.adoc             | 106 ++++++++++++++++++
- usr/share/rear/conf/default.conf              |  11 ++
- .../rear/prep/CDM/default/400_prep_cdm.sh     |   7 ++
- .../prep/CDM/default/450_check_cdm_client.sh  |  13 +++
- .../CDM/default/400_restore_with_cdm.sh       |  19 ++++
- .../410_use_replica_cdm_cluster_cert.sh       |  43 +++++++
- .../CDM/default/430_gen_rbs_uuid_for_cdm.sh   |  29 +++++
- .../verify/CDM/default/450_start_cdm_rbs.sh   |  17 +++
- 9 files changed, 248 insertions(+)
- create mode 100644 doc/user-guide/16-Rubrik-CDM.adoc
- create mode 100644 usr/share/rear/prep/CDM/default/400_prep_cdm.sh
- create mode 100644 usr/share/rear/prep/CDM/default/450_check_cdm_client.sh
- create mode 100644 usr/share/rear/restore/CDM/default/400_restore_with_cdm.sh
- create mode 100644 usr/share/rear/verify/CDM/default/410_use_replica_cdm_cluster_cert.sh
- create mode 100644 usr/share/rear/verify/CDM/default/430_gen_rbs_uuid_for_cdm.sh
- create mode 100644 usr/share/rear/verify/CDM/default/450_start_cdm_rbs.sh
-
 diff --git a/.gitignore b/.gitignore
 index 5e3dc940..a644c865 100644
 --- a/.gitignore
@@ -146,7 +122,7 @@ index 00000000..41f37d20
 +
 +* Empty cells indicate that no tests were run.
 diff --git a/usr/share/rear/conf/default.conf b/usr/share/rear/conf/default.conf
-index b9f10e89..692e1874 100644
+index 0f0d0675..56967132 100644
 --- a/usr/share/rear/conf/default.conf
 +++ b/usr/share/rear/conf/default.conf
 @@ -1334,6 +1334,17 @@ LANG_RECOVER=C
@@ -226,53 +202,98 @@ index 00000000..bc4811c4
 +rear_shell "Has the restore been completed and are you ready to continue the recovery?"
 diff --git a/usr/share/rear/verify/CDM/default/410_use_replica_cdm_cluster_cert.sh b/usr/share/rear/verify/CDM/default/410_use_replica_cdm_cluster_cert.sh
 new file mode 100644
-index 00000000..7f18f27a
+index 00000000..518387e3
 --- /dev/null
 +++ b/usr/share/rear/verify/CDM/default/410_use_replica_cdm_cluster_cert.sh
-@@ -0,0 +1,43 @@
+@@ -0,0 +1,88 @@
 +# 410_use_replica_cdm_cluster_cert.sh
-+# If restoring from a replica Rubrik (CDM) cluster use it's cert for RBS.
++# If restoring from a replica Rubrik (CDM) cluster use its cert for RBS.
++
++LogPrint "If restoring from a replica Rubrik (CDM) cluster its cert will be downloaded and used for RBS"
 +
 +CDM_RBA_DIR=/etc/rubrik
 +CDM_KEYS_DIR=${CDM_RBA_DIR}/keys
 +
-+# When USER_INPUT_CDM_REPLICA_CLUSTER has any 'true' value be liberal in what you accept and assume exactly 'y' was actually meant:
-+LogPrint ""
-+is_true "$USER_INPUT_CDM_REPLICA_CLUSTER" && USER_INPUT_CDM_REPLICA_CLUSTER="y"
++local prompt="Is the data being restored from the original CDM Cluster?"
++local input_value=""
++local wilful_input=""
 +while true ; do
 +    # Find out if the restore is being done from the original CDM cluster or a Replica
-+    # the default (i.e. the automated response after the timeout) should be 'n':
-+    answer="$( UserInput -I CDM_REPLICA_CLUSTER -p "Is the data being restored from the original CDM Cluster? (y/n)" -D 'y' -t 300 )"
-+    is_true "$answer" && return 0
-+    if is_false "$answer" ; then
++    # the default (i.e. the automated response after the timeout) should be 'no':
++    input_value="$( UserInput -I CDM_REPLICA_CLUSTER -p "$prompt" -D 'no' )" && wilful_input="yes" || wilful_input="no"
++    if is_false "$input_value" ; then
++        if is_true "$wilful_input" ; then
++            LogPrint "User confirmed the data is not being restored from the original CDM Cluster"
++        else
++            LogPrint "Assuming the data is not being restored from the original CDM Cluster"
++        fi
 +        break
 +    fi
-+    UserOutput "Please answer 'y' or 'n'"
-+done
-+
-+while true; do
-+    CDM_CLUSTER_IP="$(UserInput -I USER_INPUT_CDM_CLUSTER_IP -r -t 0 -p "Enter one of the IP addresses for the replica CDM cluster: ")"
-+    [[ -n "$CDM_CLUSTER_IP" ]] && break
-+    PrintError "Please enter a non-empty CDM cluster IP."
++    if is_true "$input_value" ; then
++        LogPrint "User confirmed the data is being restored from the original CDM Cluster"
++        return 0
++    fi
 +done
 +
++LogPrint "Downloading cert from replica CDM cluster"
++# The name of the tar file that is being downloaded has changed in Rubrik CDM v5.1.
++# Before Rubrik CDM v5.1 it was rubrik-agent-sunos5.10.sparc.tar.gz
++# since Rubrik CDM v5.1 it is rubrik-agent-solaris.sparc.tar.gz
++# cf. https://github.com/rear/rear/issues/2441
 +CDM_SUNOS_TAR=rubrik-agent-sunos5.10.sparc.tar.gz
-+cd /tmp
-+/usr/bin/curl $v -kLOJ https://${CDM_CLUSTER_IP}/connector/${CDM_SUNOS_TAR} 
-+StopIfError "Could not download https://${CDM_CLUSTER_IP}/connector/${CDM_SUNOS_TAR}"
-+
-+/usr/bin/tar $v -xzf  $CDM_SUNOS_TAR
-+StopIfError "Could not extract $CDM_SUNOS_TAR"
-+
-+CDM_CERT_FILE=$(find ./ -name "rubrik.crt")
-+mv $v ${CDM_KEYS_DIR}/rubrik.crt ${CDM_KEYS_DIR}/rubrik.crt.orig
-+cp $v $CDM_CERT_FILE $CDM_KEYS_DIR
-+StopIfError "Could not copy replica CDM cluster certificate"
-+
-+/usr/bin/chmod $v 600 ${CDM_KEYS_DIR}/rubrik.crt
-+
-+
-+LogPrint "Replica Rubrik (CDM) cluster certificate installed."
++CDM_SOLARIS_TAR=rubrik-agent-solaris.sparc.tar.gz
++pushd $TMPDIR
++while true ; do
++    prompt="Enter one of the IP addresses for the replica CDM cluster (or 'no' to cancel)"
++    CDM_CLUSTER_IP="$( UserInput -I CDM_CLUSTER_IP -r -t 0 -p "$prompt" )"
++    test $CDM_CLUSTER_IP || continue
++    if is_false "$CDM_CLUSTER_IP" ; then
++        LogPrint "User canceled downloading cert from replica CDM cluster (data restore may fail now)"
++        popd
++        return 0
++    fi
++    # When curl fails for all files continue with an empty CDM_TAR_FILE to denote that nothing was downloaded:
++    for CDM_TAR_FILE in $CDM_SOLARIS_TAR $CDM_SUNOS_TAR '' ; do
++        test $CDM_TAR_FILE || continue
++        curl $v -fskLOJ https://${CDM_CLUSTER_IP}/connector/${CDM_TAR_FILE} && break
++    done
++    if ! test -s "$CDM_TAR_FILE" ; then
++        LogPrintError "Could not download Rubrik agent from https://${CDM_CLUSTER_IP}/connector/${CDM_SOLARIS_TAR} or https://${CDM_CLUSTER_IP}/connector/${CDM_SUNOS_TAR}"
++        while true ; do
++            prompt="Enter URL to download Rubrik agent tar archive (or 'no' to cancel)"
++            CDM_AGENT_URL="$( UserInput -I CDM_AGENT_URL -r -t 0 -p "$prompt" )"
++            test $CDM_AGENT_URL || continue
++            if is_false "$CDM_AGENT_URL" ; then
++                LogPrint "User canceled downloading Rubrik agent (data restore may fail now)"
++                popd
++                return 0
++            fi
++            curl $v -fskLOJ $CDM_AGENT_URL && break
++            LogPrintError "Could not download Rubrik agent from $CDM_AGENT_URL"
++        done
++        CDM_TAR_FILE=$( basename "$CDM_AGENT_URL" )
++    fi
++    if ! tar $v -xzf $CDM_TAR_FILE ; then
++        LogPrintError "Could not extract Rubrik agent (failed to 'tar -xzf $CDM_TAR_FILE')"
++        continue
++    fi
++    CDM_CERT_FILE=$(find ./ -name "rubrik.crt")
++    mv $v ${CDM_KEYS_DIR}/rubrik.crt ${CDM_KEYS_DIR}/rubrik.crt.orig
++    if ! cp $v $CDM_CERT_FILE $CDM_KEYS_DIR ; then
++        LogPrintError "Could not copy replica CDM cluster certificate"
++        continue
++    fi
++    chmod $v 600 ${CDM_KEYS_DIR}/rubrik.crt
++    mv $v ${CDM_KEYS_DIR}/agent.crt ${CDM_KEYS_DIR}/agent.crt.orig
++    mv $v ${CDM_KEYS_DIR}/agent.pem ${CDM_KEYS_DIR}/agent.pem.orig
++    # TODO: Actually do something if /etc/rubrik/rba-keygen.sh failed.
++    # Is /etc/rubrik/rba-keygen.sh perhaps only optional?
++    # cf. https://github.com/rear/rear/pull/2445#discussion_r448217873
++    /etc/rubrik/rba-keygen.sh || LogPrintError "/etc/rubrik/rba-keygen.sh failed (data restore may also fail)"
++    break
++done
++popd
++LogPrint "Replica Rubrik (CDM) cluster certificate installed"
 diff --git a/usr/share/rear/verify/CDM/default/430_gen_rbs_uuid_for_cdm.sh b/usr/share/rear/verify/CDM/default/430_gen_rbs_uuid_for_cdm.sh
 new file mode 100644
 index 00000000..5e99b79c
@@ -331,6 +352,3 @@ index 00000000..571da1da
 +StopIfError "Unable to start RBS Agent service"
 +
 +LogPrint "Rubrik (CDM) RBS agent started."
--- 
-2.25.4
-
diff --git a/SPECS/rear.spec b/SPECS/rear.spec
index cfbe8cc..521b8b6 100644
--- a/SPECS/rear.spec
+++ b/SPECS/rear.spec
@@ -3,7 +3,7 @@
 Summary:    Relax-and-Recover is a Linux disaster recovery and system migration tool
 Name:       rear
 Version:    2.4
-Release:    16%{?dist}
+Release:    17%{?dist}
 License:    GPLv3
 Group:      Applications/File
 URL:        http://relax-and-recover.org/
@@ -173,6 +173,10 @@ TZ=UTC %{__make} -C doc
 %{_sbindir}/rear
 
 %changelog
+* Mon Aug 10 2020 Pavel Cahyna <pcahyna@redhat.com> - 2.4-17
+- Update the Rubrik patch to include complete PR2445
+  Resolves: rhbz1867696
+
 * Thu Jun 04 2020 Václav Doležal <vdolezal@redhat.com> - 2.4-16
 - Apply upstream PR2373: Skip Longhorn Engine replica devices
   Resolves: rhbz1843809