Configuring external CA for secure communication between the source MSDP storage server and the target MSDP storage server

MSDP now supports use of an external CA for secure communication between two media servers that are from two different NetBackup domains. The secure communication is set up when you run Auto Image Replication (A.I.R.). If the two media servers use different external CAs, then you must exchange the external certificates before you use Auto Image Replication.

To exchange the external certificates, complete the following steps:

Copy the root certificate file from the source MSDP storage server to the target MSDP storage server. Combine the certificate files on the target MSDP storage server.
Copy the root certificate file from the target MSDP storage server to the source MSDP storage server. Combine the certificate files on the source MSDP storage server.

If the Windows certificate store is used to store the root certificate, add the root certificate to the certificate store. You can use the certutil tool to add the root certificate to the certificate store, or just right-click the root certificate file and select Install Certificate. When you use the certutil tool to install the root certificate, the store name parameter must be Root. When you use Windows explorer to install the root certificate, the store location must be Local Machine and store name must be Trusted Root Certification Authorities.

Configuring external CA for secure communication between the source MSDP storage server and the target MSDP storage server

Feedback

Feedback