Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Section II. Encryption of data-in-transit
  7. NetBackup CA and NetBackup certificates
  9. About revoking host ID-based certificates
  11. Getting a list of NetBackup hosts that have revoked certificates
NetBackup™ Security and Encryption Guide

Getting a list of NetBackup hosts that have revoked certificates

Use the following procedure to obtain a list of NetBackup hosts that have a revoked certificate.

See About the host ID-based certificate revocation list.

To get a list of NetBackup hosts with revoked certificates

  1. In a command window, log on to the NetBackup Web Management Service on the master server, as follows (the logon account must have NetBackup administrator privileges):

    UNIX: /usr/openv/netbackup/bin/bpnbat -login -loginType WEB

    Windows: install_path\NetBackup\bin\bpnbat -login -loginType WEB

  2. Run the following command to extract from the CRL a list of certificates that are not expired and then filter the results for the word "Revoked":

    UNIX: /usr/openv/netbackup/bin/nbcertcmd -listAllDomainCertificates | grep Revoked

    Windows: install_path\NetBackup\bin\nbcertcmd -listAllDomainCertificates | findstr Revoked

Feedback

Was this page helpful?
Previous

Determining a NetBackup host's certificate state

Next

Deleting host ID-based certificates

Feedback

Was this page helpful?