Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Web UI Administrator's Guide
  5. Section III. Configuring hosts
  7. Managing credentials for workloads and systems that NetBackup accesses
  9. Add a credential for an external KMS
NetBackup™ Web UI Administrator's Guide

Add a credential for an external KMS

This type of credential allows you to access an external KMS server that you have configured.

To add a credential for an external KMS

  1. On the left, click Credential management.
  2. On the Named credentials tab, click Add and provide the following properties:

    • Credential name

    • Tag

    • Description (for example: This credential is used to access the external KMS.)

  3. Click Next.
  4. Select External KMS.
  5. Provide the credential details that are needed for authentication.

    These details are used to authenticate the communication between the NetBackup primary server and the external KMS server:

    • Certificate - Specify the certificate file contents.

    • Private key - Specify the private key file contents.

    • CA Certificate - Specify the CA certificate file contents.

    • Passphrase - Enter the passphrase of the private key file.

    • CRL check level - Select the revocation check level for the external KMS server certificate.

      CHAIN - The revocation status of all the certificates from the certificate chain are validated against the CRL.

      DISABLE - Revocation check is disabled. The revocation status of the certificate is not validated against the CRL during host communication.

      LEAF - The revocation status of the leaf certificate is validated against the CRL.

    See the NetBackup Security and Encryption Guide for more information on external KMS configuration.

  6. Click Next.
  7. Add a role that you want to have access to the credential.

    • Click Add.

    • Select the role.

    • Select the credential permissions that you want the role to have.

  8. Click Next and follow the prompts to complete the wizard.

Feedback

Was this page helpful?
Previous

Add a credential for cloud KMS

Next

Add a credential for Network Data Management Protocol (NDMP)

Feedback

Was this page helpful?