(click to expand table of contents)
Certificate Management
Signed certificates from a publicly trusted Certificate Authority should be used for any production environment. Both applications used in this blueprint leverage certificates. The Cloud Connect server manages the certificate presented during self-service restore operations.
Cloud Connect Certificate
Tenants will interact with the Cloud Connect server when performing self-service restore activities as described above. This certificate is presented to the client when connecting to a “Service Provider” in the Backup and Replication interface.
Information regarding how certificates are leveraged with Cloud Connect can be found here: https://helpcenter.veeam.com/docs/backup/cloud/cloud_connect_ssl.html?ver=100
Information regarding how to manage the certificate used with Cloud Connect can be found here: https://helpcenter.veeam.com/docs/backup/cloud/cloud_connect_manage_ssl.html?ver=100
Backup for Office 365 Tenant Self-Service
Veeam Backup for Office 365 will be configured, in this blueprint, for self-service restores via a general option in the “authentication” tab. Tenant authentication is required to view and recover backups that are located on the service provider side. A certificate must be used to enable this option. Detailed instructions can be found here: https://helpcenter.veeam.com/docs/vbo365/guide/vbo_authentication_settings.html?ver=40
Backup for Office 365 Modern Authentication
Veeam Backup for Office 365 will be configured, in this blueprint, to use Modern Authentication to interact with Office 365. Detailed permissions and requirements can be found here: https://helpcenter.veeam.com/docs/vbo365/guide/azure_ad_applications.html?ver=40