Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Section II. Encryption of data-in-transit
  7. NetBackup CA and NetBackup certificates
  9. About Token Management for host ID-based certificates
  11. About expired authorization tokens and cleanup
NetBackup™ Security and Encryption Guide

About expired authorization tokens and cleanup

An authorization token expires in either of the following situations (whichever happens first):

  • When the current date-time combination is later than the token's Valid for amount.

  • When the token is used for Maximum Uses Allowed requests.

An expired authorization token remains in the token database, but cannot be used to authorize certificate deployment requests.

Expired tokens can be deleted one by one, or they can be cleaned up all at once by using the Cleanup operation. The Cleanup operation deletes all expired tokens from the token database.

To clean up expired authorization tokens using the NetBackup Administration Console

  1. In the NetBackup Administration Console, expand Security Management > Certificate Management > Token Management.
  2. On the Actions menu, select Cleanup.
  3. Click Yes in the confirmation dialog box to clean up all expired tokens and delete them from the token database.

To clean up tokens using the command line

  • Use the nbcertcmd -cleanupToken command to delete all the expired tokens.

See Deleting authorization tokens.

Feedback

Was this page helpful?
Previous

Viewing authorization token details

Next

About the host ID-based certificate revocation list

Feedback

Was this page helpful?