In order to test this task, you’re require to submit an application to test Backup Vault.
I can create a backup vault by using MSDN –Visual Studio Premium. My another account MSDN –Visual Studio Professional was not able to create backup vault.
The purpose of creating a backup vault at Windows Azure is because i would like to perform a store backup data from DPM 2012 SP1 to Windows Azure.
Note:- This articles will replace my previous post which was written using DPM 2012 SP1 Beta.
1. To create backup vault, click on +NEW | Recovery Services | Backup Vault | Quick create | enter your vault detail and click Create Vault
2. Once you have created your 1st Backup Vault, you are require to upload public certificate to the backup vault.
Requirement of the public certificate or self signed:
- The certificate should be an x.509 v3 certificate. You can create a self-signed certificate, or use any valid SSL certificate issued by a Certification Authority (CA) trusted by Microsoft, whose root certificates are distributed via the Microsoft Root Certificate Program.
- The key length should be at least 2048 bits
- The certificate must have a valid ClientAuthentication EKU.
- The certificate validity should not exceed three years. You must specify an expiry date, otherwise a default setting that is valid for more than three years will be used.
- The certificate should reside in the Personal certificate store of your Local Computer.
- The private key should be included during installation of the certificate.
- To upload to the certificate to the portal, you must export it as a .cer format file that contains the public key.
It’s a bit trick. don’t use IIS to create a self signed certificate. Trust me! It wont’t work. Here is my guide on how to create a public certificate:
a. Install Visual Studio or install Windows SDK to use the makecert tool.
About makecert:- Click here
b.Type the following command:
makecert.exe -r -pe -n CN=CertificateName -ss my -sr localmachine -eku 1.3.6.1.5.5.7.3.2 -len 2048 -e 01/01/2016 CertificateName.cer |
Note:- change the certificate name with your DPM server name
c. If you will be registering a different server than the one you used to make the certificate, you need to export the .pfx file (that contains the private key), copy it to the other server and import it to that server’s Personal certificate store.
3. Go back to Windows Azure | Select Recovery Services and click Manage certificate
Select the certificate which you have generated by using makecert and upload to Windows Azure
4. Once you’ve successful upload the certificate, double click your vault and download the agent for your DPM server. Select “Download Agent link for Windows Server and System center- Data protection Manager”
5. Install the WABInstaller (17MB) on your DPM Server. During installation, make sure you’ve sufficient Cache Location (min 2,5Gb). This location will be use to keep track of the files that been backup.
6. Here is the step to register backup vault into DPM 2012 SP1
a. Reboot the machine after install the agent
b. Open DPM Administrator Console, click Management, click ONLINE and select Register from the toolbar.
c. Browse for the certificate
DPM will connect to Windows Azure and get your Backup Vault information which you have created in previous step. click Next
d. On proxy configuration page, click Next . Do fill up if your environment is using proxy server.
e. On throttling setting, set the Internet bandwidth based on working hours and days.
f. On Recovery Folder Settings page, specify a temporary location where it use to store a downloaded content when recovery. Make sure you have a sufficient data based on your recovery date size. Click next
g. On Encryption Settings page, click generate passphase. Remember to save it to notepad and keep in safe location. This passphase key is use to encrypt all backup from DPM server.
Note:- All these settings can change by clicking on Configure Settings when you can successful register..
h. Click Register to complete the registration process.
If you return back to Windows Azure portal, you will see that your DPM server has successfully registered.