Replacing Security Certificates
To establish secure data communications between the backup appliance and web browsers running on user workstations, Veeam Backup for AWS uses Transport Layer Security (TLS) certificates.
Important |
When updating to Veeam Backup for AWS version 5.0, note that only the TLS v1.3 certificates are now supported. Veeam Backup for AWS will automatically recreate all previously generated self-signed certificates. |
When you install Veeam Backup for AWS, it automatically generates a default self-signed certificate. You can replace this default certificate with your own self-signed certificate or with a certificate obtained from a Certificate Authority (CA). To replace the currently used TLS certificate, do the following:
- Switch to the Configuration page.
- Navigate to General > Certificates.
- Click Replace Web Certificate.
Complete the New CertificateWizard.
- At the Certificate Source step of the wizard, do the following:
- Select the Recreate a self-sign certificate option if you want to replace the existing certificate with a new self-signed certificate automatically generated by Veeam Backup for AWS.
- Select the Upload certificate option if you want to upload a certificate that you obtained from a CA or generated using a 3rd party tool.
- [This step applies only if you have selected the Upload certificate(s) option] At the Upload certificate(s) step of the wizard, browse to the certificate that you want to install, and provide a password for the certificate file if required.
Note |
Only .PFX and .P12 certificate files are supported. |
- At the Summary step of the wizard, review summary information and click Finish. To allow Veeam Backup for AWS to discover the newly installed certificate, restart the backup appliance.
Note |
If you have recreated the self-signed certificate, the browser from which you will try to access Veeam Backup for AWS next time will display a warning notifying that the connection is untrusted (although it is secured with SSL). To eliminate the warning, import the self-signed certificate to user workstations. |