Veritas NetBackup™ Read This First Guide for Secure Communications

Last Published:
Product(s): NetBackup (8.1)

How secure communication works with master server cluster nodes

Review the following scenarios about certificate deployment if you have a clustered master server:

  • In the case of fresh NetBackup installation, the certificate on an active node is deployed automatically. You must manually deploy certificates on all inactive nodes.

  • In the case of disaster recovery, certificates for active and inactive nodes are not recovered. After you install NetBackup in a disaster recovery mode after a disaster, you must manually deploy certificates on all nodes using a reissue token.

  • In the case of upgrade, active or inactive nodes may already have a certificate. You can verify whether a cluster node has a certificate or not by viewing the certificate details with the nbcertcmd -listCertDetails command.

Note:

If you have configured NetBackup Access Control (NBAC) or Enhanced Auditing (EA) on a master server cluster node, you also need to manually deploy host name-based certificates on all nodes.

In a cluster setup, the same virtual name is used across multiple cluster nodes. Therefore, the virtual name should be mapped with all associated cluster nodes.