Certificate Expiration

Due to the way Veeam interacts with Azure AD, CloudCover requires a certificate to be able to communicate with each other, however. This certificate now expires after 10 years.

Once we’ve renewed the certificate on our end, you’ll need to run through the signup process to reauthenticate your organisation with Veeam.

To do this, you can either click the Update Link button on the Settings tab of the web portal.


If the certificate expires before you’ve run through the sign-up process, you’ll see an error on your job that looks similar to the below.

AADSTS700027: Client assertion contains an invalid signature. [Reason – The key used is expired., Thumbprint of key used by client: ‘1C5AA341A75DFB256184EB37ECC3C2C9897CD124’, Found key ‘Start=11/26/2021 15:23:20 End=11/25/2022 23:59:59, Please visit the Azure Portal, Graph Explorer or directly use MS Graph to see configured keys for app Id ‘8aa63700-629d-4a24-bda3-e34e704ef130’. Review the documentation at https://docs.microsoft.com/en-us/graph/deployments to determine the corresponding service endpoint and https://docs.microsoft.com/en-us/graph/api/application-get?view=graph-rest-1.0&tabs=http to build a query request URL, such as ‘https://graph.microsoft.com/beta/applications/8aa63700-629d-4a24-bda3-e34e704ef130’]. Trace ID: 81ea5618-47ae-48e7-8490-f6e9f3bd0902 Correlation ID: 8e1f50b3-aa71-4ce3-b2d8-5e6f2b15608c

Once the sign-up process has gone through, your job should run successfully on the next run.