Veritas NetBackup™ Read This First Guide for Secure Communications

Last Published:
Product(s): NetBackup (8.1)

How the hosts with revoked certificates work

Host ID-based certificates can be revoked by the master server administrator for various reasons. A Certificate Revocation List (CRL) containing information about the revoked certificates is created by the master server and is periodically fetched by all hosts. The time interval to update the CRLs is determined by the certificate deployment security level on the master server.

During communication between hosts, CRLs are verified. The host that uses a revoked certificate is no longer trusted. Communication with such hosts is terminated.

For more information on CRLs, refer to the NetBackup Security and Encryption Guide.