I faced with “Invalid remote certificate”:
“Task Failed. Error: The remote certificate is invalid according to the validation process”
on some my replication jobs between two our vCenter servers and Veeam BR couldn’t validate our target vCenter server certificate.
I found a solution for resolving invalid remote certificate that I want to share it with you.
Here is my environment specifications and the configuration. The log file locations maybe different with you environment:
- vCenter 6
- ESXi Host 5.5 U3
- Veeam B&R 9
- Windows 2008R2 SP1
What Was “Invalid Remote Certificate” Issue?
When vCenter server is adding to Veeam BR, its certificate’s thumbprint will be added to configuration database and if the vCenter server’s certificate was changed (Invalid remote certificate), you have to re-validate it in Backup Infrastructure. So if the certificate isn’t valid, you will see the below error:
How Can Resolve It?
First step, disable all your backup and replication jobs that they are related to the vCenter and also stop Veeam BR service because invalid remote certificate doesn’t allow you
As I said before, you have to re-validate the certificate, so you should go to “Backup Infrastructure” and select your server then right click on the server and click on “Properties”.
Then, you will face with the below dialog:
Click “Next”.
At this window, you need to choose your credential, choosing previous credential is recommended.
When you click on “Next” at this window, Veeam BR will validating your credential and the server’s certificate and if it is valid, Veeam BR will save the server configuration otherwise you will face with the below prompt:
Click on “Connect” and your problem will be resolved and you will see the below window:
Now, enable your jobs and run one of them, if the job runs successfully, you have no problem otherwise follow the below step to troubleshooting and resolving the problem.
You have to check your jobs logs in this step, so go to the below path to find your job log:
C:\Program Data\Veeam\Backup\<Your Job Name>
Open the last log file and search “Mismatch!” word within that.
If you found the word, it means that your server thumbprint is different with saved thumbprint on the database and it should be changed.
Now, you need to have access to your database. Copy saved thumbprint from the log file and then logon to your database server via Management Studio and run a select query on “dbo.Soap_creds” table:
At this step, you should replace the thumbprints with server’s thumbprint (You can copy it from log file) and also you should remove any records that its “creds” column is : 00000000-0……….
Now start Veeam BR service and enable your jobs and see the result.
If you faced with the below error:
- The object has already been deleted or has not been completely created.
You have to edit your jobs, re-add the VMs or edit destination specifications or remove all snapshots from snapshot list:
Hope, this post helps you to resolving same issues. If you had same issue on newer version, please share your experiences with me in comment or send by email.
Further Reading
Veeam Backup and Replication – How to Choose Best Transport Mode for vSphere Proxy?
Veeam Backup & Replication Community Edition