Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. Veritas NetBackup™ Administrator's Guide, Volume I
  5. Section II. Configuring hosts
  7. Configuring Host Properties
  9. Configuration options for NetBackup servers
  11. ECA_CRL_CHECK for NetBackup servers and clients
Veritas NetBackup™ Administrator's Guide, Volume I

ECA_CRL_CHECK for NetBackup servers and clients

The ECA_CRL_CHECK option lets you specify the revocation check level for external certificates of the host. It also lets you disable the revocation check for the external certificates. Based on the check, revocation status of the certificate is validated against the Certificate Revocation List (CRL) during host communication.

You can choose to use the CRLs from the directory that is specified for the ECA_CRL_PATH configuration option in the configuration file (bp.conf on UNIX or Windows registry) or the CRL Distribution Point (CDP).

See ECA_CRL_PATH for NetBackup servers and clients.

Table: ECA_CRL_CHECK information

Usage

Description

Where to use

On NetBackup servers or clients.

How to use

Use the nbgetconfig and the nbsetconfig commands to view, add, or change the option.

For information about these commands, see the NetBackup Commands Reference Guide.

Use the following format:

ECA_CRL_CHECK = CRL check

You can specify one of the following:

  • DISABLE (or 0) - Revocation check is disabled. Revocation status of the certificate is not validated against the CRL during host communication.

  • LEAF (or 1) - Revocation status of the leaf certificate is validated against the CRL. This is the default value.

  • CHAIN (or 2) - Revocation status of all certificates from the certificate chain are validated against the CRL.

Equivalent Administration Console property

No equivalent exists in the NetBackup Administration Console host properties.

Feedback

Was this page helpful?
Previous

Specifying Windows certificate store for ECA_CERT_PATH

Next

ECA_CRL_PATH for NetBackup servers and clients

Feedback

Was this page helpful?