How secure communication works with primary server cluster nodes using external certificates
You can use X.509 certificates that your trusted certificate authority (CA) has issued, for a clustered primary server.
You should first enable your NetBackup domain to use external CA-signed certificates by configuring the NetBackup web server. You can then configure the NetBackup clustered primary server to use external CA-signed certificates for secure host communication.
See Workflow to use external certificates for a clustered primary server.