Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. Veritas NetBackup™ Commands Reference Guide
  5. Appendix A. NetBackup Commands
  7. configureCerts
Veritas NetBackup™ Commands Reference Guide

Name

configureCerts — configures all the required certificates for the web server and updates the Java Key Store (JKS) with the latest certificate in the trust store.

SYNOPSIS

configureCerts [-renew_webserver_keys]

configureCerts [-update_trust_store]

 

On UNIX systems, the directory path to this command is /usr/openv/wmc/bin/install/

On Windows systems, the directory path to this command is install_path\NetBackup\wmc\bin\install\

DESCRIPTION

The configureCerts command configures all the required certificates for the web server and updates the JKS with the latest certificate in the trust store. Additionally, the command is used to update the trust store of the web server configuration.

The command provides a way to regenerate the key-pairs for the web server that include:

  • A key-pair for the web service user (the default web service user is nbwebsvc)

  • A key-pair for the NetBackup Web Management Console (nbwmc)

  • A key-pair for the web server services (that is a computer certificate)

After renewal of the key-pairs and their respective certificates, the command immediately updates the JKS file with the latest certificates that are available in trust store.

If the command is run without any option, it updates the JKS with the latest certificate that is available in the trust store.

On Windows systems, you must provide the password for the NetBackup Web Services account to successfully complete the key-pair renewal. To skip entering the password, set the WEBSVC_PASSWORD environment variable before you run the command. If you do not set this variable, the script prompts for the password three times:

  • For the web service user (nbwebsvc)

  • For the NetBackup Web Management Console (nbwmc)

  • For the web server

Note:

Be sure to stop the NetBackup Web Management Console service (nbwmc) before you renew the web server key-pairs.

The command logs to the configureCerts_KeyPairRenewal.log and configureCerts.log files at the location shown:

  • UNIX: /usr/openv/netbackup/wmc/webserver/logs

  • Windows: install_path\NetBackup\wmc\webserver\logs

OPTIONS

-renew_webserver_keys

Regenerates the key-pair and the respective certificates for the web server configuration.

-update_trust_store

Updates the trust store of the web server configuration. This option does not update the JKS or regenerate the key-pair of web server configuration.

Feedback

Was this page helpful?
Previous

cat_import

Next

configureCertsForPlugins

Feedback

Was this page helpful?