Appendix B. Installing Custom Certificate

When you upgrade the Nutanix AHV backup appliance to version 4.0 or later, a Veeam certificate is automatically installed on the appliance even if a custom certificate was used before. If you want to replace the Veeam certificate with your custom certificate, the following files are required:

  • certificate.pem — a file that contains the Nutanix AHV backup appliance certificate in the PEM format. Note that the PFX format is not supported.
  • privatekey.pem — a file that contains a private key used to generate the certificate.
  • password — a file that contains a password to decrypt the private key. This file is not required if the private key is not encrypted.

To install the certificate, do the following:

  1. Enable SSH access on the Nutanix AHV backup appliance.
  2. Connect to the Nutanix AHV backup appliance using SSH.
  3. Upload certificate files to the Nutanix AHV backup appliance.
  4. Open the /opt/VeeamBackupAgent/appsettings.json file and locate the BackupApplianceCertificate configuration section.
  5. Update the configuration parameters as in the following example:

"BackupApplianceCertificate": {

   "UseCustomCert": true,

   "CustomCertPemFilePath": "/<path_to_the_file>/certificate.pem",

   "CustomPrivateKeyPemFilePath": "/<path_to_the_file>/privatekey.pem",

   "CustomPasswordFilePath": "/<path_to_the_file>/password"
}

If the private key is not encrypted, leave the default "" value for the CustomPasswordFilePath parameter.

  1. Save the appsettings.json file.
  2. Restart the backup service using the following command:

sudo systemctl restart VeeamBackupAgent

 

Important

If the Nutanix AHV backup appliance cannot find the certificate in the specified folder or any of the certificate files contain incorrect data, the backup service will fail to start, and you will not be able to perform data protection and recovery operations. To troubleshoot the problem, check logs in the /var/log/nxbackupagent/nutanixbackupservice/nutanixbackupservice.log file.

  1. Update the Nutanix AHV backup appliance configuration using the Edit Nutanix Proxy wizard.