Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Section II. Encryption of data-in-transit
  7. NetBackup CA and NetBackup certificates
  9. About host ID-based certificates
  11. Cleaning host ID-based certificate information from a host before cloning a virtual machine
NetBackup™ Security and Encryption Guide

Cleaning host ID-based certificate information from a host before cloning a virtual machine

Cloning a virtual machine can present the opportunity for identity theft. Multiple hosts should not have the same key pair. This procedure ensures that each copy of the host gets a unique key pair and identity.

Perform the following procedure before cloning a virtual machine (or before creating a gold image of a machine for cloning) if it is a one-time operation.

To clean the host ID-based certificate information from a host before cloning

  1. Stop all NetBackup services on the host.
  2. Delete all files and directories from the following locations:

    On Windows:

    Install_path\NetBackup\var\VxSS\at\*

    Install_path\NetBackup\var\VxSS\credentials\*

    Install_path\NetBackup\var\webtruststore\*

    On UNIX:

    /usr/openv/var/vxss/at/*

    /usr/openv/var/vxss/credentials/*

    /usr/openv/var/webtruststore/*

  3. Delete the following file:

    On Windows: Install_path\NetBackup\var\VxSS\certmapinfo.json

    On UNIX: /usr/openv/var/vxss/certmapinfo.json

  4. Where NetBackup Cluster Server is used, perform the following steps in addition:
  5. Delete all files and directories from the following locations:

    Shared_disk\var\global\vxss\at\*

    Shared_disk\var\global\vxss\credentials\*

    Shared_disk\var\global\webtruststore\*

  6. Delete the following file:

    Shared_disk\var\global\vxss\certmapinfo.json

  7. Proceed to clone the virtual machine.

Feedback

Was this page helpful?
Previous

Deleting sensitive certificates and keys from media servers and clients

Next

About reissuing host ID-based certificates

Feedback

Was this page helpful?