Option 2: Security Databases To Hsm Migration - Red Hat CERTIFICATE SYSTEM 6.0 - MIGRATION GUIDE Manual

NOTE
For Certificate Management System version 6.0x, the certificate database is
automatically converted from
9. Open the configuration file in the
CS.cfg
10. E dit the
ca.signing.cacertnickname
to reflect the 7.3 CA instance.
ca.signing.cacertnickname=caSigningCert cert-old_CA_instance
ca.ocsp_signing.cacertnickname=ocspSigningCert cert-old_CA_instance
11. I f there is CA-DRM connectivity, then also modify the
attribute.
ca.connector.KRA.nickname=caSigningCert cert-old_CA_instance
12. I n the same directory, edit the
nickname. For example:
Server-Cert cert-old_CA_instance

1.2. Option 2: Security Databases to HSM Migration

1. Remove all the security databases in the Certificate System 7.3 which will receive migrated
data.
rm /var/lib/instance_ID/alias/cert8.db
rm /var/lib/instance_ID/alias/key3.db
NOTE
On Certificate Management System 6.0x, the certificate database is
not
cert8.db
2. Copy the certificate and key security databases from the 6.x server to the 7.3 server.
cert7.db
/var/lib/
and
ca.ocsp_signing.cacertnickaname
serverCertNick.conf
.
Option 2: Security Databases to HSM
to .
cert8.db
instance_ID directory.
/conf/
ca.connector.KRA.nickname
file to contain the old certificate
attributes
,
cert7.db
15