Table of Contents
Advertisement
Chapter 5. Step 4: Migrating Security Databases
3. Extract the public key of the CA signing certificate from the 7.x security databases and save
the base-64 encoded output to a file called
a. Open the Certificate Management System 7.x
cd old_server_root/alias
b. Set the
LD_LIBRARY_PATH
LD_LIBRARY_PATH=old_server_root/bin/cert/lib
export LD_LIBRARY_PATH
c. Use the Certificate Management System 7.x
name.
old_server_root/bin/cert/tools/certutil -U -d .
d. Use the Certificate Management System 7.x
the security databases and save the base-64 output to a file.
old_server_root/bin/cert/tools/certutil -L -n
"old_HSM_slot_name:caSigningCert
cert-old_OCSP_instance" -d . -h old_HSM_token_name -a >
caSigningCert.b64
e. Copy the key information from the 7.x server to the 7.3 server.
cp old_server_root/alias/caSigningCert.b64
/var/lib/instance_ID/alias/caSigningCert.b64
4. Open the Certificate System
cd /var/lib/instance_ID/alias/
5. Log in as
.
root
6. Set the file user and group to the Certificate System user and group.
# chown user:group ServerCert.p12
# chown user:group ocspSigningCert.p12
42
caSigningCert.b64
/alias
environment variable to search the Certificate System libraries.
certutil
certutil
directory.
/alias
.
directory.
tool to identify the old HSM slot
tool to extract the public key from
Advertisement
Table of Contents
Related Manuals for Red Hat CERTIFICATE SYSTEM 7.0 - MIGRATION GUIDE
Related Products for Red Hat CERTIFICATE SYSTEM 7.0 - MIGRATION GUIDE
- Red Hat APPLICATION STACK 1.1 RELEASE
- Red Hat APPLICATION STACK 1.2 RELEASE
- Red Hat APPLICATION STACK 1.3 RELEASE
- Red Hat APPLICATION STACK 1.4 RELEASE
- Red Hat APPLICATION STACK 2.0 RELEASE
- Red Hat APPLICATION STACK 2.1 RELEASE
- Red Hat APPLICATION STACK 2.2 RELEASE
- Red Hat APPLICATION STACK 2.4 RELEASE
Need help?
Do you have a question about the CERTIFICATE SYSTEM 7.0 - MIGRATION GUIDE and is the answer not in the manual?
Questions and answers