Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ Security and Encryption Guide
  3. Section II. Encryption of data-in-transit
  4. NetBackup CA and NetBackup certificates
  5. About host ID-based certificates
  6. About NetBackup certificate deployment security levels
  7. Configuring the certificate deployment security levels
NetBackup™ Security and Encryption Guide

Configuring the certificate deployment security levels

Use the NetBackup web UI or the nbcertcmd command to configure the certificate deployment security level in the NetBackup domain.

These security levels are specific to NetBackup CA-signed certificates.

To configure the certificate deployment level

  1. At the top right, click Settings > Global security.
  2. Click the Secure communication tab.
  3. Under Security level for certificate deployment, select the security level: Very High, High (default), or Medium.
  4. Click Save.

To configure the certificate deployment level using the command line

  1. The primary server administrator must be logged in to the NetBackup Web Management Service to perform this task. Use the following command to log in:

    bpnbat -login -logintype WEB

    See Web login requirements for nbcertcmd command options.

  2. Run the following command to view the current security level:

    nbcertcmd -getSecConfig -certDeployLevel -server primary_server_name

  3. Run the following command to change the security level:

    nbcertcmd -setSecConfig -certDeployLevel 0-2 -server primary_server_name

    Where 0 is Very High, 1 is High (default), and 2 is Medium.

For information about nbcertcmd, see the NetBackup Commands Reference Guide.

Feedback

Was this page helpful?
Previous

About NetBackup certificate deployment security levels

Next

Automatic host ID-based certificate deployment

Feedback

Was this page helpful?