Case I: Security Databases To Security Databases Migration - Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE:
- Administration manual (512 pages) ,
- Manual (108 pages) ,
- Reference manual (337 pages)
Table of Contents
Advertisement
6.2.1. Case I: Security Databases to Security Databases Migration
1.
Remove all the security databases in the new Certificate System which will receive migrated data.
rm /var/lib/instance_ID/alias/cert8.db
rm /var/lib/instance_ID/alias/key3.db
2.
Copy the certificate and key security databases from the old server to the new server.
cp old_server_root/alias/cert-old_DRM_instance-cert8.db
/var/lib/instance_ID/alias/cert8.db
cp old_server_root/alias/cert-old_DRM_instance-key3.db
/var/lib/instance_ID/alias/key3.db
3.
Log into the new server as the Certificate System user, and open the Certificate System alias/ directory.
cd /var/lib/instance_ID/alias/
4.
Log in as root, and set the file user and group to the Certificate System user and group.
su
chown user:group cert8.db
chown user:group key3.db
5.
Log out as root. As the Certificate System user, set the file permissions.
chmod 00600 cert8.db
chmod 00600 key3.db
6.
List the certificates in the security databases using the certutil command. In this example, -L lists the certific-
ates.
certutil -L -d .
Server-Cert cert-old_DRM_instance cu,cu,cu
caSigningCert cert-old_DRM_instance CT,c,
kraStorageCert cert-old_DRM_instance u,u,u
kraTransportCert cert-old_DRM_instance u,u,u
7.
Open the CS.cfg configuration file.
cd /var/lib/instance_ID/conf/
vi CS.cfg
8.
Edit the kra.storageUnit.nickname and kra.transportUnit.nickname attributes to reflect the new
subsystem information.
kra.storageUnit.nickname=
kraStorageCert cert-old_DRM_instance
kra.transportUnit.nickname=
kraTransportCert cert-old_DRM_instance
6.2. 7.0 and 7.1 Data Recover Man-
ager (DRM) Migration
121
Chapter 7. Step 4: Migrating Security
Advertisement
Chapters
Table of Contents
