We started using modern Auth a year ago and now the certificate has expired. I don't think I got a message warning me of the expiry - the error message when a job tries to run is:
AADSTS700027: Client assertion contains an invalid signature. [Reason - The key used is expired., Thumbprint of key used by client: 'A965260A794F....
The docs say (https://helpcenter.veeam.com/docs/vbo36 ... tml?ver=50) to update a cert, right click the org and select "Manage a backup application", this however is not selectable. Selecting "manage backup accounts" just gives a variation of the above error. If I select "Edit Organisation", then I can select and/or install a certificate, but I can't generate one.
I could go into Windows certman and create a certificate and I imagine that would import fine, but I didn't know if this was the right thing to do. I upgraded to v5 to see if it helped, it did not.
Thanks to Fouad in Support, he quickly saw that I still had "Allow for Legacy Auth protocols" enabled. Disabling this then gave the option to renew the certificate and we are all good.
What I find a bit odd is the last certificate was only valid for a year, I don't recall why this was selected. Whereas the new one is valid for 10 years, which is much better!
Most likely you have created that first certificate (with the legacy auth protocols) before we had full MFA support. In that case, if I am not mistaken, the default is indeed 1 year.
