Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Web UI Administrator's Guide
  5. Section I. Managing security
  7. Managing security certificates
  9. Managing NetBackup security certificates

Managing NetBackup security certificates

Note:

The information here only applies to the security certificates that are issued by the NetBackup certificate authority (CA). More information is available for external certificates.

See Using external security certificates with NetBackup.

You can view and revoke NetBackup certificates and view information about the NetBackup CA. More detailed information about NetBackup certificate management and certificate deployment is available in the NetBackup Security and Encryption Guide.

View a NetBackup certificate

You can view details of all host ID-based NetBackup certificates that are issued to NetBackup hosts. Note that only 8.1 and later NetBackup hosts have host ID-based certificates. The Certificates list does not include any NetBackup 8.0 or earlier hosts.

To view a NetBackup certificate

  1. On the left, select Security > Certificates.
  2. Click NetBackup certificates.
  3. To view additional certificate details for a host, click on a host name.
Revoke a NetBackup CA certificate

When you revoke a NetBackup host ID-based certificate, NetBackup revokes any other certificates for that host. NetBackup ceases to trust the host, and it can no longer communicate with the other NetBackup hosts.

You may choose to revoke a host ID-based certificate under various conditions. For example, if you detect that client security has been compromised, if a client is decommissioned, or if NetBackup is uninstalled from the host. A revoked certificate cannot be used to communicate with master server web services.

Security best practices suggest that the NetBackup security administrator explicitly revoke the certificates for any host that is no longer active. This action should be taken regardless of whether the certificate is still deployed on the host, or whether it has been successfully removed from the host.

Note:

Do not revoke a certificate of the master server. If you do, NetBackup operations may fail.

To revoke a NetBackup CA certificate

  1. On the left, select Security > Certificates.
  2. Click NetBackup certificates.
  3. Click on the host name that is associated with the certificate that you want to revoke.
  4. Click Revoke Certificate > Yes.

View the NetBackup certificate authority details and fingerprint

For secure communication with the NetBackup certificate authority (CA) on the master server, a host's administrator must add the CA certificate to an individual host's trust store. The master server administrator must give the fingerprint of the CA certificate to the administrator of the individual host.

To view the NetBackup certificate authority details and fingerprint

  1. On the left, select Security > Certificates.
  2. Click NetBackup certificates.
  3. In the toolbar, click Certificate authority.
  4. Find the Fingerprint information and click Copy to clipboard.
  5. Provide this fingerprint information to the host's administrator.

Feedback

Was this page helpful?
Previous

NetBackup host IDs and host ID-based certificates

Next

Reissue a NetBackup certificate

Feedback

Was this page helpful?