Table of Contents
Advertisement
rm caSigningCert.b64
15. O pen the
configuration file in the
CS.cfg
16. E dit the
ocsp.signing.certnickname
ocsp.signing.certnickname=new_HSM_slot_name:ocspSigningCert
cert-old_OCSP_instance
NOTE
The
caSigningCert
17. I n the same directory, edit the
nickname. For example:
new_HSM_slot_name:Server-Cert cert-old_OCSP_instance
4. Token Key Service (TKS) Migration
Determine if the migration to be performed involves software security databases, an HSM, or
both; follow the appropriate process for the deployment scenario being migrated.
•
Section 4.1, "Option 1: Security Databases to Security Databases Migration"
•
Section 4.2, "Option 2: Security Databases to HSM Migration"
•
Section 4.3, "Option 3: HSM to Security Databases Migration"
•
Section 4.4, "Option 4: HSM to HSM Migration"
4.1. Option 1: Security Databases to Security Databases
Migration
1. Remove all the security databases in the new Certificate System which will receive migrated
data.
rm /var/lib/instance_ID/alias/cert8.db
rm /var/lib/instance_ID/alias/key3.db
instance_ID
/var/lib/
attribute to reflect the 7.3 subsystem information.
is not referenced in the
serverCertNick.conf
Token Key Service (TKS) Migration
directory.
/conf/
file.
CS.cfg
file to contain the old certificate
47
Advertisement
Table of Contents
