Installing Certificates

If an existing TLS certificate expires, or if you want to use another certificate, for example, the one obtained from a Certificate Authority, you can install a new certificate. If you want to use a certificate obtained from a Certificate Authority, make sure that the Enterprise Manager IP address or fully qualified domain name is specified in the certificate subject or subject alternative name.

To install a new certificate, follow these steps:

1. Log in to Enterprise Manager using an administrative account.
2. To open the Configuration view, click Configuration in the upper-right corner.
3. Open the Settings section.
4. On the Certificates tab, click Install and then choose the type of certificate to install:

• Select Server to install the certificate used by the Veeam Backup Enterprise Manager Service and Veeam Guest Catalog Service to connect to backup servers. For Linux-based Enterprise Manager, this certificate will also be used by the Veeam Backup Enterprise Manager REST API.

• Select Web UI to install the certificate used by the Veeam Backup Enterprise Manager web app and Veeam vSphere Client plug-in to connect to the web browser.

5. At the Certificate Type step of the Manage Certificate wizard, select one of the following options:

• Select a certificate from the certificate store

• Generate new certificate
• Upload a custom certificate

6. At the next step step of the wizard either provide a certificate friendly name for a self-signed certificate or choose an existing certificate that you want to install.

7. To install the certificate, click Finish.