DPeaco
7 years agoModerator
Netbackup 8.x certificate refresh
Linux master - 8.1.1; 4 Linux media servers - 8.1.1, 8 Linux Client servers - 8.1.1
I'm seeing an issue where backups will start failing on any of the media servers because the "certificate hasn't been refreshed in the past 7 days". Why is this? Doesn't NetBackup refresh between master/media servers? These boxes run backups around the clock, 7 days a week. Why would backups start failing with what appears to be an expired certificate and what's broken in 8.1.1 that doesn't automatically refrest certificates between master and media servers?
Has anybody else seen or experienced this?
- As you mentioned 7 days I believe it would be the crl that seems to not be refreshed which in turn is causing failures..
I would assume simply running “nbcertcmd -getcrl” on the affected host fixes your issue right.?
Ideally the crl should be automatically refreshed in specific intervals depending on the security level configured unless there is a network issue or maybe the certmap.json file had any incorrect entires
The table in the below link should tell you about the security levels and the crl refresh intervals
https://www.veritas.com/support/en_US/doc/21733320-127424841-0/v126192948-127424841
Now in your case if there is some issue on the master server itself and the crl is not correctly generated then that needs to be checked