I encountered an issue where the certificates for a client's VCSA expired, which has caused our Veeam backup to fail. I managed to update the certificates using the certmanager tool on the Linux-based VCSA. However, when I attempt to re-scan the VCSA in Veeam, it indicates that the certificate is unsigned and won't proceed. I've also added the certificate to the trusted root certificate store in certlm and attempted to re-add the VCSA to Veeam using the IP and port, but I keep receiving 404 or 503 errors. What am I missing?
1 Answer
It looks like you might need to follow specific steps to replace the certificate correctly in both VCSA and Veeam. Check out these guides: For VCSA, there's a detailed one that explains how to handle expired vCenter CA certificates, and for Veeam, there's a walkthrough on refreshing the vCenter certificates. Those should help you get on the right track!
I went through the Veeam steps too, but ran into a trust warning when rescanning. I updated the certificate but it seems Veeam can't verify it since I chose the VCSA option instead of a signed option.