I have Server 2008 R2, with DPM 2012 SP1 patched, using TL2000 tape library
I have normal backups working (compression option selected)
I need to setup Encrypted backups, and am having a hard time creating a self signed certificate that will work with DPM 2012.
Getting Error 917 which restarts the console, lost communication with several services.
I have tried to make a self signed certificate from my IIS install on the server itself, but it doesn't create a correctly formed cert (key useage doesn't have repudication,dig sig on it etc)
I have tried the command provided in the technet documentation http://technet.microsoft.com/en-us/library/ff399364.aspx
Makecert.exe -r -n "CN=MyCertificate" -ss DPMBackupStore -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 -e<expiry date in mm/dd/yyformat>
This doesn't work, but then, there isn't much in the way of explanation on the writeup of that technet description, I tried exporting that cert and placing it in personal, and DPMRestoreStore as well.
Do I need to do the previous instruction first for self signing with IIS makecert -sr LocalMachine -ss My -n CN=ServiceModelSamples-HTTPS-Server -sky exchange -sk ServiceModelSamples-HTTPS-Key
Unfortunately MY IIS is not a full installation, and it is STIGGED.
There is alot of 'questions' on how to do this in various searches, but no defininative answers on this. I am currently in research on how to create a self signed certificate without a CA that will meet the criteria for DPM.
I am currently looking at some powershell scripts to do the job
Justin Harty Helpdesk Analyst A+, Security + Certified