NetBackup status code: 8963
Message: The host name that you have specified to connect to the NetBackup web server is not present in the NetBackup web server certificate.
Explanation: The NetBackup Web Management Console (nbwmc) service shows this error when clients use a host name of the master server which is not present in the certificate that is configured for the NetBackup Web Management Console service. Examples of clients are the NetBackup Administration Console, web UI, or third party applications accessing the NetBackup web APIs.
You can see this error when connecting to the NetBackup web UI or NetBackup Administration Console. The error occurs when the connection uses the IP address of the master server and that IP address isn't present in the certificate that is configured for the NetBackup Web Management Console service.
The NetBackup vCenter plug-ins can display this error. The issue occurs if the master server being added to the plug-in does not use the host names known to the NetBackup Web Management Console service.
Recommended Action: If you want to access the NetBackup Web Management Console functionality using additional host names and or IP addresses (other than the ones present in server certificate), refer to the following procedure.
Note:
This setting is only for a master server. The allowedlist.properties needs to have all the additional names (host names, IP addresses) of the master server that would be used to connect from the clients. Examples of clients are the NetBackup Administration Console, web UI, any rest client, or other NetBackup clients.
Accessing the NetBackup Web Management Console functionality using additional host names and or IP addresses
- Create a file
VAR_GLOBAL/wsl/config/allowedlist.properties.Example:
Windows:
<install_path>\NetBackup\var\global\wsl\config\allowedlist.propertiesUNIX:
/usr/openv/var/global/wsl/config/allowedlist.properties - Ensure that the web service account user has read permissions on this file.
Example: On UNIX systems
chmod a+r /usr/openv/var/global/wsl/config/allowedlist.propertiesis one way to ensure required permissions on this file. - Add required additional valid
host.headersandx.forwarded.host.headersheader values. - Save the file.
- Restart the
NetBackup Web Management Consoleservice.On a Windows system, the
NetBackup Web Management Consoleservice can be restarted from the Windows Service Control Manager.On UNIX systems
/usr/openv/netbackup/bin/nbwmc stop && /usr/openv/netbackup/bin/nbwmc start.
The following is an example of an allowedlist.properties file looks like:
#Sample Properties File# #Properties file to allow additional valid HOST and X-FORWARDED-HOST header values #Fri Apr 23 16:14:42 CDT 2021 host.headers=master_server_additional_name_1,master_server_additional_name_2, master_server_additional_ip_1,master_server_additional_ip_2 x.forwarded.host.headers=master_server_additional_name_1, master_server_additional_name_2 ,master_server_additional_ip_1, master_server_additional_ip_2
The key host.headers has comma-separated string values of the host names and IP addresses which need to be considered valid for the HOST request header.
The key x.forwarded.host.headers has comma-separated string values of the host names and IP addresses which need to be considered valid for the X-FORWARDED-HOST header.
Click here to view technical notes and other information on the Cohesity Technical Support website about this status code.