Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE Manual page 187

When using a text editor to perform the substitution instead of a script, use an editor that supports file sizes great-
er than 2 to 4 Gb such as vim because the LDIF files may be larger than 2 Gb in some deployments.
a. Open the old Certificate System LDIF directory.
cd old_server_root/slapd-old_instance-db/ldif
b. Replace the following entry with the value for internaldb.basedn parameter in the CS.cfg file. For ex-
ample:
cn=aclResources,dc=server.example.com-rhpki-ca
c. Add new groups for the the security domains.
cn=Security Domain Administrators,ou=groups,basedn
cn=Enterprise CA Administrators,ou=groups, basedn
cn=Enterprise KRA Administrators,ou=groups, basedn
cn=Enterprise OCSP Administrators,ou=groups, basedn
cn=Enterprise TKS Administrators,ou=groups, basedn
cn=Enterprise TPS Administrators,ou=groups, basedn
7. Convert the old.ldif file to a text file.
a. Open the version to text directory in the old Certificate System migration directory.
cd old_server_root/bin/cert/migrate/61ToTxt
b. Edit the run.sh script; uncomment and set the values for the following lines:
•
SERVER_ROOT=old_server_root
•
export SERVER_ROOT
•
INSTANCE=old_instance
•
export INSTANCE
c. Run the run.sh to use the old.ldif file to create a text file.
run.sh old_server_root/slapd-old_instance-db/ldif/old.ldif >
old_server_root/slapd-old_instance-db/ldif/old.txt
8. Open the old Certificate System LDIF directory, and copy the old.txt file to the new Certificate System's internal
database LDIF directory.
cd old_server_root/slapd-old_instance-db/ldif
cp old_server_root/slapd-old_instance-db/ldif/old.txt
/opt/redhat-ds/slapd-DS-instance/ldif
9. Log into the new server as the Certificate System user, and open the Certificate System ldif/ directory.
cd /opt/redhat-ds/slapd-DS-instance/ldif
8. Migrating Internal Databases for
6.1
Databases