Help Center
Choose product document...
Veeam Backup & Replication 9.5 Update 4
Veeam Cloud Connect Guide

Rights and Permissions to Access TLS Certificates

The Windows account under which the Veeam Cloud Connect Service on the SP Veeam backup server runs must have the following permissions:

  1. The Windows account must have access to the private key in the non-interactive mode (without having to enter a password).
  2. The Windows account must have access to the TLS certificate store folder where the private key is kept and must have read rights for this folder. To learn more about key directories and files, see Microsoft Docs.

A self-signed TLS certificate generated with Veeam Backup & Replication is placed to the Shared certificate store. The following Windows accounts have access to this certificate:

    • User who created the TLS certificate
    • LocalSystem Windows account
    • Local Administrators group
  1. The Windows account must have access to the TLS certificate itself (stored in the registry) and permissions on corresponding registry folders.

A self-signed TLS certificate generated with Veeam Backup & Replication is placed to Local Machine\Trusted Root and Local Machine\My registry folders. These folders do not contain any private information and all users have access to these folders by default.

Veeam Large Logo

User Guide for VMware vSphere

User Guide for Microsoft Hyper-V

Enterprise Manager User Guide

Veeam Cloud Connect Guide

Veeam Agent Management Guide

Veeam Explorers User Guide

Backup and Restore of SQL Server Databases

Veeam Plug-ins for Enterprise Applications

PowerShell Reference

Veeam Explorers PowerShell Reference

RESTful API Reference

Required Permissions Reference

Veeam Availability for Nutanix AHV Documentation

Veeam Backup for Microsoft Office 365 Documentation

Veeam ONE Documentation

Veeam Agent for Windows Documentation

Veeam Agent for Linux Documentation

Veeam Management Pack Documentation