Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. Veritas NetBackup™ Commands Reference Guide
  5. Appendix A. NetBackup Commands
  7. nbcertupdater
Veritas NetBackup™ Commands Reference Guide

Name

nbcertupdater — run the certificate update utility

SYNOPSIS

nbcertupdater -host host_name [-broker broker_name] [-port broker_port] [-v] [-d] [-nolog]

nbcertupdater -ofile output_file [-ifile input_file] [-numparallel num_parallel_hosts] [-numattempts attempts_per_host] [-broker broker_name] [-port broker_port] [-v] [-d] [-nolog]

nbcertupdater -listonly -ofile output_file [-v] [-d] [-nolog]

nbcertupdater -help

 

On UNIX systems, the directory path to this command is /usr/openv/netbackup/bin/admincmd/

On Windows systems, the directory path to this command is install_path\NetBackup\bin\admincmd\

DESCRIPTION

The certificate update utility (nbcertupdater) provides an automated mechanism to contact a set of NetBackup hosts that can run a setuptrust operation with a specified authentication broker. The utility can also query the NBU_Machines private domain of the local authentication broker to generate the following: the set of NetBackup hosts that you can contact for the setuptrust operation.

The utility can only be run as a local administrator on the master server. It runs in three modes:

  • Process a single host. You specify a single host name on the command line. The utility contacts the host and runs setuptrust with the specified authentication broker.

  • Process multiple hosts. You specify the host names in an input file. If an input file is unspecified, nbcertupdater automatically generates the list of hosts to contact from the NBU_Machines private domain of the local authentication broker. It spawns a child to process each host. The -numparallel option controls the number of hosts that are processed in parallel.

  • Create the host list from the authentication broker. The utility creates the list from the NBU_Machines private domain of the local authentication broker and writes it to the output file. The hosts are not processed.

OPTIONS

-b | -broker broker_name

The broker with which trust should be set up. If a broker is not specified, trust is set up with the NetBackup master server.

-d

Enables debug mode. The utility prints debug messages on the console.

-h | -host host_name

Specifies the NetBackup host where the setuptrust operation is performed.

-help

Prints command usage information.

-i | -ifile input_file

Specifies the name of the input file that contains the names of NetBackup hosts to be processed. Each line in the input file maps to a host name (except for comment lines).

-l | -listonly

Generates the list of NetBackup hosts from the local authentication broker, but does not process them.

-na | -numattempts attempts_per_host

Specifies the number of attempts to process the host before the utility declares failure. The default is 1.

-nolog

Shuts off all logging for the utility operation.

-np | -numparallel num_parallel_hosts

Specifies the number of hosts to be processed in parallel. The default is 3.

-o | -ofile output_file

Specifies the name of the output file.

-p | -port broker_port

Specifies the port number of the selected broker. If this option is not specified, the default broker port is used to contact the broker.

-v

Enables verbose mode. The utility prints extra informational messages on the console.

OUTPUT MESSAGES

HOST_NOT_FOUND

The host name cannot be found.

BPCD_CONN_FAIL

Failed to connect to bpcd on host. The host may not have NetBackup client software installed on it. 

# bpnbat -ShowBrokerCerts
USER_INTERRUPT

User requested termination of operation. This error is returned if the user presses Ctrl-C to terminate the program.

SUCCESS

The host processed successfully.

EXAMPLES

Example 1 - Update a NetBackup host where the authentication client libraries are installed on it. 

# nbcertupdater -h huffman.abc.com
Logging to directory /openv/netbackup/logs/certupdater>
Processing host huffman.abc.com
Host processed successfully

Example 2 - Generate a list of computer names from the NBU_Machines private domain of the local authentication broker. This list is the same as the list that is displayed when you run the bpnbat -ShowMachines command.

# nbcertupdater -listonly -o outfile.txt
Logging to directory </usr/openv/netbackup/logs/certupdater>
Generating host list from the local AB
Writing result to file <outfile.txt>

Example 3 - Use an input file to specify the hosts to be updated. The first host is updated successfully. bpcd is not running on the second host. 

# cat infile.txt
huffman.vxindia.com
atom.vxindia.com

# nbcertupdater -i infile.txt -o outfile.txt
Logging to directory </usr/openv/netbackup/logs/certupdater>
Reading host names from file infile.txt
Attempt 1: Processing 2 hosts
Processing host huffman.abc.com (1/2)
Processing host atom.abc.com (2/2)
Completed host huffman.abc.com (SUCCESS)
Completed host atom.abc.com (BPCD_CONN_FAIL)
Total hosts attempted: 2 (1 succeeded)
Writing result to file <outfile.txt>

# cat outfile.txt
#huffman.abc.com #SUCCESS@(02/17/10 16:58:19)
atom.abc.com #BPCD_CONN_FAIL@(02/17/10 16:58:19)

Feedback

Was this page helpful?
Previous

nbcertcmd

Next

nbcldutil

Feedback

Was this page helpful?