How to generate Self-signed Certificate with powershell for Veeam backup for Microsoft 365
Summary
For communication between our Veeam backup for Microsoft 365 portal and Microsoft 365 tenant you need to have a certificate. If you prefer you can use a self signed certificate. This article describes how you can do this.
Prerequisited
Make sure you are admin on your windows system
Make sure you run Powershell as an administrator
Getting Started
You can execute the following powershell scripts where you have to specify the following parameters before executing:
Enter passwors string: ConvertTo-SecureString -String "Enter password" (note password will be displayed in clear text)
Export-PfxCertificate: -FilePath C:\temp\$Certname.pfx -Password $pw (this will create the PFX file in C:\temp directory, make sure it exists.script
CODE# Create and export a self-signed certificate # Define certificate name $Certname = Read-Host “Enter Certificate Name” # Define expiration $YearsToExpire = Read-Host “How many years should this certificate be valid” Write-Host "Creating Certifcate $Certname" -ForegroundColor Green # Create certificate $Cert = New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname $Certname -NotAfter (Get-Date).AddYears($YearsToExpire) -FriendlyName $Certname Write-Host "Exporting Certificate $Certname to $env:USERPROFILE\Desktop\$Certname.pfx" -ForegroundColor Green # Set password to export certificate $pw = ConvertTo-SecureString -String "Enter password" -Force -AsPlainText # Get thumbprint $thumbprint = $Cert.Thumbprint # Export certificate Export-PfxCertificate -cert cert:\localMachine\my\$thumbprint -FilePath C:\temp\$Certname.pfx -Password $pwWhen executing the script it will ask you to provide the following information:
Certificate name
Years that the certificate should be validWhen creation of the PFX file is done
it has stored the certificate in your personal cert store
In this example it exported the pfx file to C:\temp
