Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Section II. Encryption of data-in-transit
  7. NetBackup CA and NetBackup certificates
  9. About the host ID-based certificate revocation list
  11. Refreshing the CRL on the master server
NetBackup™ Security and Encryption Guide

Refreshing the CRL on the master server

Use the following procedure to refresh the CRL on the master server. The procedure gets the current CRL from the NetBackup certificate authority and copies it to the master server. If a host in the environment was recently revoked, you must wait up to 5 minutes before the CRL reflects that the host was revoked.

See About the host ID-based certificate revocation list.

To refresh the CRL on the master server

  1. Log in to the master server as an administrator.

    For a clustered master server, log in to the active node.

  2. For a clustered master server, run the following command:

    nbcertcmd -getCRL -cluster [-server master_server_name]

    To get a CRL from a NetBackup domain other than the default, specify the -server master_server_name option and argument.

  3. Run the following command:

    nbcertcmd -getCRL [-server master_server_name]

Feedback

Was this page helpful?
Previous

About the host ID-based certificate revocation list

Next

Refreshing the CRL on a NetBackup host

Feedback

Was this page helpful?