Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. Veritas NetBackup™ for Nutanix Acropolis Hypervisor (AHV) Administrator's Guide
  3. Configuring NetBackup communication with AHV
  4. Configuring secure communication between the Nutanix Acropolis Hypervisor server and NetBackup host
Veritas NetBackup™ for Nutanix Acropolis Hypervisor (AHV) Administrator's Guide

Configuring secure communication between the Nutanix Acropolis Hypervisor server and NetBackup host

Till NetBackup release 8.2, NetBackup provided configuration settings through a Nutanix specific configuration file nb_nutanix-ahv.conf to validate the AHV cluster based on the cluster's public x509 certificate that the AHV server returns during the communication.

NetBackup now supports peer certificate validation for all virtualization servers like VMware, RHV Manager, and Nutanix Acropolis Cluster through a common External Certificate Authority (ECA) framework. This common framework can work with a single set of configuration parameters for all virtualization workloads and provides additional validations like certificate revocation lists.

Note:

If you are upgrading from NetBackup 8.2, and you had previously set enable_ssl_validations to false in the nb_nutanix-ahv.conf file, and want to continue skipping certificate validation, no further action is required.

You can then skip rest of this section, and See Adding the Nutanix Acropolis Hypervisor Cluster credentials for NetBackup.

This framework requires a certificate bundle on each backup host that can contain certificates from one or more Certificate Authorities (CAs). In absence of centralized CAs, even self-signed certificates from different servers can be added to this bundle.

To set the common external CA parameters in NetBackup, See Managing SSL certificates through ECA framework.

Note that when you configure the SSL parameters in NetBackup, you must ensure that the values that you provide for the following options matches with the Acropolis cluster name that is present in the Nutanix SSL certificate:

  • New Virtual Machine Server name while adding the Acropolis Cluster credentials in NetBackup

    See Adding the Nutanix Acropolis Hypervisor Cluster credentials for NetBackup.

  • Application_Server parameter while configuring the backup policy

    See Creating a backup policy using the NetBackup Policies utility.

If you use the default certificates from Nutanix that contain the Common Name field as CN=*.nutanix.local, NetBackup might fail the SSL validations and not let you backup the AHV VMs. In this scenario, skip the SSL validations. If you want to skip certificate validation, set enable_ssl_validations to false in nb_nutanix-ahv.conf. You can then skip rest of this section, and See Adding the Nutanix Acropolis Hypervisor Cluster credentials for NetBackup.

Feedback

Was this page helpful?
Previous

Establishing communication between NetBackup and Nutanix AHV

Next

Managing SSL certificates on NetBackup Appliance

Feedback

Was this page helpful?