Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Web UI Administrator's Guide
  5. Section IX. Managing security
  7. Managing security certificates
  9. Manage NetBackup security certificates
NetBackup™ Web UI Administrator's Guide

Manage NetBackup security certificates

Note:

The information here only applies to the security certificates that the NetBackup certificate authority (CA) issues. More information is available for external certificates.

See Using external security certificates with NetBackup.

You can view and revoke NetBackup certificates and view information about the NetBackup CA. More detailed information about NetBackup certificate management and certificate deployment is available in the NetBackup Security and Encryption Guide.

View a NetBackup certificate

You can view details of all host ID-based NetBackup certificates that are issued to NetBackup hosts. Note that only 8.1 and later NetBackup hosts have host ID-based certificates. The Certificates list does not include any NetBackup 8.0 or earlier hosts.

To view a NetBackup certificate

  1. On the left, select Security > Certificates.
  2. Select the NetBackup certificates tab.
  3. To view additional certificate details for a host, click on a host name.

 

Revoke a NetBackup CA certificate

When you revoke a NetBackup host ID-based certificate, NetBackup revokes any other certificates for that host. NetBackup ceases to trust the host, and it can no longer communicate with the other NetBackup hosts.

You can choose to revoke a host ID-based certificate under various conditions. For example, if you detect that client security has been compromised, if a client is decommissioned, or if NetBackup was uninstalled from the host. A revoked certificate cannot be used to communicate with primary server web services.

Security best practices suggest that the NetBackup security administrator explicitly revoke the certificates for any host that is no longer active. Take this action if whether or not the certificate is still deployed on the host.

Note:

Do not revoke a certificate of the primary server. If you do, NetBackup operations may fail.

To revoke a NetBackup CA certificate

  1. On the left, select Security > Certificates.
  2. Select the NetBackup certificates tab.
  3. Select the host that is associated with the certificate that you want to revoke.
  4. Select Revoke certificate > Yes.

 

View the NetBackup certificate authority details and fingerprint

For secure communication with the NetBackup certificate authority (CA) on the primary server, a host's administrator must add the CA certificate to an individual host's trust store. The primary server administrator must give the fingerprint of the CA certificate to the administrator of the individual host.

To view the NetBackup certificate authority details and fingerprint

  1. On the left, select Security > Certificates.
  2. Click the NetBackup certificates tab.
  3. In the toolbar, select Certificate authority.
  4. Find the Fingerprint information and select Copy to clipboard.
  5. Provide this fingerprint information to the host's administrator.

Feedback

Was this page helpful?
Previous

NetBackup host IDs and host ID-based certificates

Next

Reissue a NetBackup certificate

Feedback

Was this page helpful?