Protecting host ID artefacts in NetBackup using HSM
After HSM is configured on NetBackup host using nbhsmcmd command, the private key of host ID certificate on NetBackup host can be encrypted using HSM by following steps:
To protect host ID artefacts in NetBackup using HSM
- Use the nbsetconfig command to set the required configuration parameter as follows:.
NB_CIPHER_KEYSTORE_TYPE = HSM
- Use the nbcertcmd -rotatepassphrasekey command to rotate passphrase key.
- Use nbcertcmd -listcertdetails option to list host ID certificate details.
Check 'Private Key Encryption State' to ensure that the passphrase of the host ID certificate's private key is encrypted using HSM.