Configuring vCenter CA Certificates in NetBackup primary server
NetBackup 10.0.1 onwards, vCenter CA certificate is automatically added to truststoreVWCP. In case of multiple certificates, configured in the vCenter, only certificate issued to and issued by Certificate Authority is added to the truststoreVWCP. If the vCenter CA certificate is not added automatically then follow the steps to add it manually:
- Download the vCenter CA certificates from https://<vCenter IP/FQDN>/certs/download.zip
- Extract the contents of a zip file to any local location.
- Get the
storepassfromVeritas/NetBackup/var/global/jkskey. - Update and run the following command:
Windows
C:\Program Files\Veritas\NetBackup\jre\bin\keytool" -storetype BCFKS providerpath "C:\Program Files\Veritas\NetBackup\wmc\ webserver\lib\ccj-3.0.1.jar" - providerclass com.safelogic.cryptocomply. jcajce.provider.CryptoComplyFipsProvider -importcert -trustcacerts -file C:\Users\labuser\Downloads\download \certs\win\ vCenter Certificate -keystore "C:\Program Files \Veritas\NetBackup\var\global\wsl\credentials\truststoreVWC P.bcfks" -storepass 3588289782 -alias VMwareCA
Linux
/usr/openv/java/jre/bin/keytool -storetype BCFKS -providerpath /usr/openv/wmc/webserver/lib/ccj-3.0.1.jar -providerclass com. safelogic.cryptocomply.jcajce.provider.CryptoComplyFipsProvider -importcert -trustcacerts -file /root/c3bc1e7a.0 -keystore /usr/openv/var/global/wsl/credentials/truststoreVWCP.bcfks - storepass 87324987439 -alias VMwareCA