Direct Virtual Machine (VM) conversion (physical to virtual) tasks performed after the restore is complete
Starting with NetBackup 8.1.1 and later releases, for a windows client, after a successful completion of restore during Direct Virtual Machine (VM) conversion (physical to virtual), you have to manually deploy the Certificate Authority (CA) certificate and the host ID-based certificate on the client that is restored.
To generate and deploy a host ID-based certificate manually
- The host administrator must have obtained the authorization token value from the CA before proceeding. The token may be conveyed to the administrator by email, by file, or verbally, depending on the various security guidelines of the environment.
- Run the following command on the non-master host to establish that the master server can be trusted:
nbcertcmd -getCACertificate
- Run the following command on the non-master host and enter the token when prompted:
nbcertcmd -getCertificate -token
Note:
To communicate with multiple NetBackup domains, the administrator of the host must request a certificate from each master server using the -server option.
If the administrator obtained the token in a file, enter the following:
nbcertcmd -getCertificate -file authorization_token_file
- To verify that the certificate is deployed on the host, run the following command:
nbcertcmd -listCertDetails
Use the
-clusteroption to display cluster certificates.
For more information on how to deploy host-ID-based certificates, refer to the Deploying host ID-based certificates section in the NetBackup Security and Encryption Guide