When you configure the Veeam Agent management infrastructure, you can specify what TLS certificate must be used to establish a secure connection between the backup server and protected computers. Veeam Backup & Replication offers the following options for TLS certificates:
- You can choose to keep the default self-signed TLS certificate generated by Veeam Backup & Replication at the process of upgrade to version 9.5 Update 3.
- You can use Veeam Backup & Replication to generate a new self-signed TLS certificate. To learn more, see Generating Self-Signed Certificates.
- You can select an existing TLS certificate from the certificates store. To learn more, see Importing Certificates from Certificate Store.
- You can import a TLS certificate from a file in the PFX format. To learn more, see Importing Certificates from PFX Files.
If you plan to use a certificate issued by your own CA, make sure that the certificate meets the following requirements: