Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Read this first for secure communications in NetBackup
  7. When an authorization token is required during certificate deployment
NetBackup™ Security and Encryption Guide

When an authorization token is required during certificate deployment

The information in this section applies only to NetBackup CA-signed certificates. External CA-signed certificates do not require authorization tokens.

The security level setting determines whether an authorization token is required to deploy a certificate. You can set the security level on the master server to different levels, depending on your needs. Use the Security Management > Global Security Settings > Secure Communication tab in the NetBackup Administration Console.

The following settings are available. The default setting is High.

  • Medium - The master server fingerprint must be confirmed during certificate deployment. An authorization token is not required.

  • High - The master server fingerprint must be confirmed during certificate deployment. An authorization token is not required if the host is known to the master server.

  • Very High - The master server fingerprint must be confirmed during certificate deployment. An authorization token is mandatory for every host.

Note:

Certificate deployment in certain scenarios always requires a token, such as in the case of clients in a demilitarized zone or for certificate reissue.

See About NetBackup certificate deployment security levels.

Feedback

Was this page helpful?
Previous

How NetBackup certificates are deployed on hosts during upgrades

Next

Why do you need to map host names (or IP addresses) to host IDs

Feedback

Was this page helpful?