Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ Plug-in for VMware vSphere Client (HTML5) Guide
  3. Plug-in configurations
  4. Configuring vCenter CA Certificates on the NetBackup primary server
NetBackup™ Plug-in for VMware vSphere Client (HTML5) Guide

Configuring vCenter CA Certificates on the NetBackup primary server

For NetBackup 10.0.1 and later, a vCenter CA certificate is automatically added to truststoreVWCP. If there are multiple certificates configured in the vCenter, only the certificate that is issued to and issued by Certificate Authority is added to the truststoreVWCP. If the vCenter CA certificate is not added automatically then follow the steps to add it manually:

To configure vCenter CA Certificates on the NetBackup primary server

  1. Download the vCenter CA certificates from the following URL:

    https://vCenter IP/FQDN/certs/download.zip

    NetBackup validates VMware virtualization server certificates using their root or intermediate certificate authority (CA) certificates.

  2. Extract the contents of a zip file to any local location.
  3. Get the storepass from Veritas/NetBackup/var/global/jkskey .
  4. Update and run the following command:

    Windows

    C:\program files\veritas\NetBackup\jre\bin\keytool -storetype BCFKS 
    -providerpath "C:\program files\veritas\NetBackup\wmc\webserver\lib\ccj.jar" 
    -providerclass com.safelogic.cryptocomply.jcajce.provider.CryptoComplyFipsProvider 
    -importcert -file C:\lab_systems\download\certs\win\dbabbe1a.0 -keystore 
    "C:\program files\veritas\NetBackup\var\global\wsl\credentials\
    truststoreVWCP.bcfks" -storepass 51570256d4919d9b -alias VMwarrCA

    Linux

    /usr/openv/java/jre/bin/keytool -storetype BCFKS -keystore truststoreVWCP.bcfks 
    -providerpath /usr/openv/wmc/webserver/lib/ccj-3.0.1.jar -providerclass 
    com.safelogic.cryptocomply.jcajce.provider.CryptoComplyFipsProvider -storepass:file 
    /usr/openv/var/global/jkskey -importcert -file /certs/f668ef66.0 -alias VMwareCA2

Feedback

Was this page helpful?
Previous

NetBackup RBAC permissions for the plug-in

Next

Log in to the Plug-in

Feedback

Was this page helpful?