Issues with Client-side security certificates

One of the biggest barriers to upgrading our NetBackup Client software to v8.1.1 is the new security ceritificates. If the SAs don't skip the token prompt outright, often the Client won't be able to communicate with the Master to pull its certificate and publish its own.

What is NetBackup v8.2 doing to improve the upgrade process and simplify the usage of security certificates ?

1 Solution

Accepted Solutions
Accepted Solution!

Re: Issues with Client-side security certificates

External Certificates is the best answer which is available in 8.2


You have to point client to the cert to use. There does not need to be any connectivity to the master.

The other thing is if they are upgrading, some customers uninstall and then reinstall. This will look like a spoof to NBU. It’s important to “upgrade” so that the certificate we issued in the previous release remains

2 Replies

Re: Issues with Client-side security certificates

Agree with John - 

In the olden days we had "bpclntcmd -clear_host_cache"  to clear old host info, can we get similar tools to clear, remove or fix our client credentials?

 

NetBackup 8.1.2 on Solaris 11, writing to DataDomain 9800
duplicating via SLP to LTO5 in SL8500 via ACSLS
Accepted Solution!

Re: Issues with Client-side security certificates

External Certificates is the best answer which is available in 8.2


You have to point client to the cert to use. There does not need to be any connectivity to the master.

The other thing is if they are upgrading, some customers uninstall and then reinstall. This will look like a spoof to NBU. It’s important to “upgrade” so that the certificate we issued in the previous release remains