Allowing or disallowing automatic certificate reissue
This section provides the procedures for allowing and disallowing automatic certificate reissue.
The option enables the autoreissue parameter of a host that in turn allows you to deploy a certificate on the host without requiring a reissue token.
See Deploying host ID-based certificates.
By default, the autoreissue parameter is enabled for 2880 minutes (or 48 hours or 2 days). After this duration, the parameter is disabled and the certificate reissue operation requires a reissue token.
See Configuring validity of the autoreissue parameter for a host.
To manually disable the autoreissue parameter, use the option.
Note:
During the Bare Metal Restore (BMR) process, the autoreissue flag is automatically set.
For more information about Bare Metal Restore, refer to the NetBackup Bare Metal Restore Administrator's Guide.
To allow automatic certificate reissue using the NetBackup Administration Console
- Expand Security Management > Host Management.
- In the right pane, select the host for which you want to allow automatic certificate reissue.
- Right-click the host and select the Allow Auto Reissue Certificate option.
To allow automatic certificate reissue using the command-line interface
- Run the following command to authenticate your web services login:
bpnbat -login -loginType WEB
- Run the following command to enable the autoreissue parameter, which in turn allows automatic certificate reissue:
nbhostmgmt -allowautoreissuecert -hostid host_ID -autoreissue 1
To disallow automatic certificate reissue using the NetBackup Administration Console
- Expand Security Management > Host Management.
- In the right pane, select the host for which you want to disallow automatic certificate reissue.
- Right-click the host and select the Disallow Auto Reissue Certificate option.
To disallow automatic certificate reissue using the command-line interface
- Run the following command to authenticate your web services login:
bpnbat -login -loginType WEB
- Run the following command to disable the autoreissue parameter, which in turn disallows automatic certificate reissue:
nbhostmgmt -allowautoreissuecert -hostid host_ID -autoreissue 0