Delete NetBackup CA-signed certificate
When you delete a NetBackup CA-signed certificate, NetBackup revokes all NetBackup certificates for that host and marks all of them as deleted.
Consider the following scenario: An external certificate authority (ECA)-only environment is configured in your domain. Because of the presence of NetBackup CA-signed certificates on hosts, primary server receives notifications like 'certificate expiry' for the hosts. In such scenario, you can choose to delete the NetBackup CA-signed certificates to stop receiving unwanted notifications.
Users with the following RBAC roles can delete a NetBackup CA-signed certificate:
NetBackup Administrator
Default Security Administrator
To delete NetBackup CA-signed certificates of a host using the NetBackup web UI
- On the left, go to Security > Certificates. Select the NetBackup certificates tab.
- Select the host that is associated with the certificate that you want to delete.
Select Delete Certificate.
- Enter the reason to delete the certificate.
- Click Yes.
Use the following API to delete the NetBackup CA-signed certificate:
DELETE - /security/certificates/{serial_number} -
Use the following API to list the deleted NetBackup CA-signed certificates:
GET- /security/certificates/
Use the filter 'isCertDeleted'.
To delete NetBackup CA-signed certificates of a host using the command-line interface
- Run the following command:
nbcertcmd -deleteNBCACertificate -hostId host_id | -host host_name -deletionReason value [-server master_server_name]