Hi, Our PKI cert has expired on our VCS server, and as a result the backups of the VMs are failing as Veeam can’t connect to the VCS. Its going to take us a few days to get another cert generated and installed on the VCS - but is there any workaround we can do in the meantime to get the Veeam Backup and Replication software to backup our VMs? I’m assuming not really - as that’s the point of certificates!
Any suggestions most welcome.
Thanks...
Best answer by Chris.Childerhose
If I remember right the suggestions above might work but I think you might need to wait until you replace the certificate. I am pretty sure this happened in my lab and Veeam didn't work until I updated the certificate.
+23Hi,
You can try going to inventory > vCenter and editing your impacted vCenter to see if you can get Veeam to proceed through the error, but as you say, it’s doing its job. I’d say just quickly generate a self-signed in vCenter and get Veeam to trust that until you’ve got your new public one generated would be the fastest workaround. Otherwise it’ll be over to Veeam support to see if they’ve got any registry keys to ignore expiration.
+20Try and go to the Managed Servers, rt-click on your vCenter, go into the Properties and go through the process/wizard again. When you're prompted with a cert msg, click Continue. See if that works.
+21If I remember right the suggestions above might work but I think you might need to wait until you replace the certificate. I am pretty sure this happened in my lab and Veeam didn't work until I updated the certificate.
We did go through the procedure suggested - but unsurprisingly it didn’t like the expired certificate and wouldn’t complete the wizard. Ok- thanks anyway, I’ll just wait for the new cert.
+21We did go through the procedure suggested - but unsurprisingly it didn’t like the expired certificate and wouldn’t complete the wizard. Ok- thanks anyway, I’ll just wait for the new cert.
That is what I thought, and you need the new SSL. Best of luck once you get it renewed but backups should start working again.
+7As Michael noted, I’d probably just generate a new self-signed cert. It’s pretty easy really. And if you want a publicly signed cert, you can always add that later on, but a self-signed would at least get things running again.
Link below for info on generating new certs in the vCenter Certificate Manager.
https://kb.vmware.com/s/article/2112283
Hi, Just to resolve this one - we did resolve it in the end, but had to wait until we got a new PKI certificate for it. Once we’d one that, Veeam started to try and backup VMs. From memory, we had an issue where a load of the VM backups then failed due to locked .vib (?) files , but once we migrated them between hosts, they all backed up again, and all was well with the world.
+21Hi, Just to resolve this one - we did resolve it in the end, but had to wait until we got a new PKI certificate for it. Once we’d one that, Veeam started to try and backup VMs. From memory, we had an issue where a load of the VM backups then failed due to locked .vib (?) files , but once we migrated them between hosts, they all backed up again, and all was well with the world.
Great to hear you were able to resolve the issue and post back here. 👍🏼
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
