Cleaning host ID-based certificate information from a host before cloning a virtual machine
Cloning a virtual machine can present the opportunity for identity theft. Multiple hosts should not have the same key pair. This procedure ensures that each copy of the host gets a unique key pair and identity.
Perform the following procedure before cloning a virtual machine (or before creating a gold image of a machine for cloning) if it is a one-time operation.
To clean the host ID-based certificate information from a host before cloning
- Stop all NetBackup services on the host.
- Delete all files and directories from the following locations:
On Windows:
Install_path\NetBackup\var\VxSS\at\*
Install_path\NetBackup\var\VxSS\credentials\*
Install_path\NetBackup\var\webtruststore\*
On UNIX:
/usr/openv/var/vxss/at/*
/usr/openv/var/vxss/credentials/*
/usr/openv/var/webtruststore/*
- Delete the following file:
On Windows: Install_path\NetBackup\var\VxSS\certmapinfo.json
On UNIX: /usr/openv/var/vxss/certmapinfo.json
- Where NetBackup Cluster Server is used, perform the following steps in addition:
- Delete all files and directories from the following locations:
Shared_disk\var\global\vxss\at\*
Shared_disk\var\global\vxss\credentials\*
Shared_disk\var\global\webtruststore\*
- Delete the following file:
Shared_disk\var\global\vxss\certmapinfo.json
- Proceed to clone the virtual machine.