Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ Security and Encryption Guide
  3. Section II. Encryption of data-in-transit
  4. NetBackup CA and NetBackup certificates
  5. About host ID-based certificates
  6. About NetBackup certificate deployment security levels
  7. Configuring the certificate deployment security levels
NetBackup™ Security and Encryption Guide

Configuring the certificate deployment security levels

Use the NetBackup Administration Console or the nbcertcmd command to configure the certificate deployment security level in the NetBackup domain.

These security levels are specific to NetBackup CA-signed certificates.

To configure the certificate deployment level using the NetBackup Administration Console

  1. In the NetBackup Administration Console, expand Security Management and do one of the following:
    • Go to Certificate Management. From the Actions menu, select Configure Security Settings.

    • Go to Global Security Settings.

  2. On the Security level for certificate deployment screen, slide the indicator to one of three levels: Very High, High (default), or Medium.
  3. Click OK.

To configure the certificate deployment level using the command line

  1. The primary server administrator must be logged in to the NetBackup Web Management Service to perform this task. Use the following command to log in:

    bpnbat -login -logintype WEB

    See Web login requirements for nbcertcmd command options.

  2. Run the following command to view the current security level:

    nbcertcmd -getSecConfig -certDeployLevel -server primary_server_name

  3. Run the following command to change the security level:

    nbcertcmd -setSecConfig -certDeployLevel 0-2 -server primary_server_name

    Where 0 is Very High, 1 is High (default), and 2 is Medium.

For information about nbcertcmd, see the NetBackup Commands Reference Guide.

Feedback

Was this page helpful?
Previous

About NetBackup certificate deployment security levels

Next

Automatic host ID-based certificate deployment

Feedback

Was this page helpful?