How to generate Self-signed Certificate with powershell for Veeam backup for Microsoft 365

Summary

For communication between our Veeam backup for Microsoft 365 portal and Microsoft 365 tenant you need to have a certificate. If you prefer you can use a self signed certificate. This article describes how you can do this.

Prerequisites

• Logged in as an Administrator on your local computer.

Getting Started

1. Run PowerShell as an Administrator.

2. Run the following below script. Make sure to enter a password in the “Enter password” field on line 13.

   CODE

   # Create and export a self-signed certificate
   
   # Define certificate name
   $Certname = Read-Host “Enter Certificate Name”
   # Define expiration
   $YearsToExpire = Read-Host “How many years should this certificate be valid”
   Write-Host "Creating Certifcate $Certname" -ForegroundColor Green
   # Create certificate
   $Cert = New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname $Certname -NotAfter (Get-Date).AddYears($YearsToExpire) -FriendlyName $Certname
   Write-Host "Exporting Certificate $Certname to $env:USERPROFILE\Desktop\$Certname.pfx" -ForegroundColor Green
   
   # Set password to export certificate
   $pw = ConvertTo-SecureString -String "Enter password" -Force -AsPlainText
   # Get thumbprint
   $thumbprint = $Cert.Thumbprint
   # Export certificate
   Export-PfxCertificate -cert cert:\localMachine\my\$thumbprint -FilePath C:\temp\$Certname.pfx -Password $pw

The above script will ask you for a certificate name, length, and will save the .pfx file in C:\temp\ folder.

3. The certificate now has been created as .pfx format in the C:\temp folder.

   

4. The certificate now is stored in Local Computer → Personal → Certificates and in the C:\temp folder.