Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Section II. Encryption of data-in-transit
  7. NetBackup CA and NetBackup certificates
  9. About host ID-based certificates
  11. Automatic host ID-based certificate deployment
NetBackup™ Security and Encryption Guide

Automatic host ID-based certificate deployment

A host ID-based certificate is automatically deployed on the NetBackup master server as part of NetBackup installation.

These certificates are deployed on other NetBackup hosts (after confirming the fingerprint) depending on the certificate deployment level.

The Certificate Authority (CA) on the NetBackup master server can accept or reject the certificate request depending on the certificate deployment level and the ability of the master server to verify the host information.

You can check the list of the deployed certificates on any NetBackup host by using the following command:

nbcertcmd -listCertDetails

When a certificate request is rejected, the host administrator must request the NetBackup administrator to generate and share an authorization token to deploy the certificate manually.

See Creating authorization tokens.

See About NetBackup certificate deployment security levels.

Feedback

Was this page helpful?
Previous

Configuring the certificate deployment security levels

Next

Deploying host ID-based certificates

Feedback

Was this page helpful?