Davoud Teimouri - Virtualization & Datacenter

A technology blog mainly focusing on virtualization and datacenter

Invalid Remote Certificate – Veeam Backup & Replication

I faced with “Invalid remote certificate”:

“Task Failed. Error: The remote certificate is invalid according to the validation process”

on some my replication jobs between two our vCenter servers and Veeam BR couldn’t validate our target vCenter server certificate.

I found a solution for resolving invalid remote certificate that I want to share it with you.

Here is my environment specifications and the configuration. The log file locations maybe different with you environment:

  • vCenter 6
  • ESXi Host 5.5 U3
  • Veeam B&R 9
  • Windows 2008R2 SP1

The problem was it:

When vCenter server is adding to Veeam BR, its certificate’s thumbprint will be added to configuration database and if the vCenter server’s certificate was changed (Invalid remote certificate), you have to re-validate it in Backup Infrastructure. So if the certificate isn’t valid, you will see the below error:

Invalid remote certificate

Task failed. Error: The remote certificate is invalid according to the validation process.

Now, what is the solution?

First step, disable all your backup and replication jobs that they are related to the vCenter and also stop Veeam BR service because invalid remote certificate doesn’t allow you

As I said before, you have to re-validate the certificate, so you should go to “Backup Infrastructure” and select your server then right click on the server and click on “Properties”.

Backup Infrastructure

Backup Infrastructure

Then, you will face with the below dialog:

Edit VMware Server

Edit VMware Server

Click “Next”.

At this window, you need to choose your credential, choosing previous credential is recommended.

Edit VMware Server - Credential

Edit VMware Server – Credential

When you click on “Next” at this window, Veeam BR will validating your credential and the server’s certificate and if it is valid, Veeam BR will save the server configuration otherwise you will face with the below prompt:

Edit VMware Server - Detecting Server Type

Edit VMware Server – Detecting Server Type

Edit VMware Server - Prompt

Edit VMware Server – Prompt

Click on “Connect” and your problem will be resolved and you will see the below window:

VMware Server - Save Configuration

VMware Server – Save Configuration

Now, enable your jobs and run one of them, if the job runs successfully, you have no problem otherwise follow the below step to troubleshooting and resolving the problem.

You have to check your jobs logs in this step, so go to the below path to find your job log:

C:\Program Data\Veeam\Backup\<Your Job Name>

Backup Log Path

Backup Log Path

Open the last log file and search “Mismatch!” word within that.

Backup Log

Backup Log

If you found the word, it means that your server thumbprint is different with saved thumbprint on the database and it should be changed.

Now, you need to have access to your database. Copy saved thumbprint from the log file and then logon to your database server via Management Studio and run a select query on “dbo.Soap_creds” table:

SQL Query

SQL Query

At this step, you should replace the thumbprints with server’s thumbprint (You can copy it from log file) and also you should remove any records that its “creds” column is : 00000000-0……….

Invalid remote certificate

SQL Update

Now start Veeam BR service and enable your jobs and see the result.

If you faced with the below error:

  • The object has already been deleted or has not been completely created.

You have to edit your jobs, re-add the VMs or edit destination specifications or remove all snapshots from snapshot list:

Invalid remote certificate

New Error

Invalid remote certificate

Edit Job

Hope, this post help you to resolving same issues.

Allow the computer to turn off this device to save power

To use Registry Editor to disable the Allow the computer to turn off this device to save power network adapter setting for a single computer, follow these steps:Click Start, click Run, type regedit in the Open box, and then click OK. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\DeviceNumber NoteDeviceNumber is the network adapter number. If a single network adapter is installed on the computer, theDeviceNumber is 0001. Click PnPCapabilities. On the Edit menu, click Modify. In the Value data box, type 24, and then click OK.

Note By default, a value of 0 indicates that power management of the network adapter is enabled. A value of 24 will prevent Windows 7 from turning off the network adapter or let the network adapter wake the computer from standby. On the File menu, click Exit.

Davoud Teimouri is as a professional blogger, vExpert 2015-2016-2017, VCA, MCITP. This blog is started with simple posts and now, it has large following readers.

9,248 total views, 1 views today

No votes yet.
Please wait...
Updated: 20/06/2017 — 9:38 pm

Leave a Reply

Teimouri.net © 2012 Frontier Theme
%d bloggers like this:
Read more:
Teradici PCoIP Hardware Accelerator (APEX 2800) Drivers Package 2.5.3 GA

After VMware released vSphere 6 U2, all other vendors are updating their components for ESXi. Teradici also released new version...

Close