Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Section II. Encryption of data-in-transit
  7. NetBackup CA and NetBackup certificates
  9. About host ID-based certificates
  11. Deploying certificates on a client that has no connectivity with the primary server
NetBackup™ Security and Encryption Guide

Deploying certificates on a client that has no connectivity with the primary server

NetBackup can detect whether a host has connectivity with the primary server or not. If there is no connectivity, NetBackup automatically attempts to use the built-in HTTP tunnel on a media server to route the connection request to the primary server.

If NetBackup cannot automatically detect the host connectivity with the primary server or find an appropriate media server to route the connection request, you need to manually configure the HTTP tunnel options.

See About the communication between a NetBackup client located in a demilitarized zone and a primary server through an HTTP tunnel.

To deploy a certificate on a client that has no connectivity with the primary server, refer to the following topic:

See Deploying host ID-based certificates.

Note:

As the request is routed via a different host, the primary server cannot validate the authenticity of the certificate request, therefore an authorization token is a must.

Feedback

Was this page helpful?
Previous

Retaining host ID-based certificates when reinstalling NetBackup on non-primary hosts

Next

About host ID-based certificate expiration and renewal

Feedback

Was this page helpful?