About security certificates for NetBackup hosts
NetBackup uses security certificates for authentication of NetBackup hosts. The NetBackup security certificates conform to the X.509 Public Key Infrastructure (PKI) standard. A primary server acts as the NetBackup Certificate Authority (CA) and issues NetBackup certificates to hosts.
NetBackup provides two types of NetBackup host security certificates: Host ID-based certificates and host name-based certificates. Host ID-based certificates are based on Universally Unique Identifiers (UUID) that are assigned to each NetBackup host. The NetBackup primary server assigns these identifiers to the hosts.
NetBackup uses the certificates that are issued from either a NetBackup Certificate Authority or an external certificate authority for host authentication. If you intend to use external certificates on your primary server, you configure the certificates in a post-installation process. The media servers and the clients that use external certificates can either configure external certificates during the installation or upgrade, or after the installation or upgrade.
More information about the post-installation process is available: https://www.veritas.com/support/en_US/article.100044300
For information on external CA support in NetBackup and external CA-signed certificates, see the NetBackup Security and Encryption Guide.