Step 1: Preparing The Old Server; Step 2: Creating A New Certificate System Installation; Step 3: Stopping All New Certificate System Instances; Step 4: Migrating Security Databases - Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE Manual

Hide thumbs Also See for CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE:

Administration manual (512 pages)

Manual (108 pages)

Reference manual (337 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

page of 240

/ 240
Contents
Table of Contents
Bookmarks

Table of Contents

2.1. Step 1: Preparing the Old Server

Since a complete backup of all Certificate Management System 6.1 (SP 4) instances was made during the CA subsystem

migration, it is not required to make another backup during the DRM subsystem migration.

NOTE

All the Certificate System 6.1 subsystems should still be stopped from the previous migration.

2.2. Step 2: Creating a New Certificate System Installation

Install a new Certificate System 7.2 DRM on the Red Hat Enterprise Linux 4 (AS) machine, serv-

er.example.com.

Download the Certificate System packages from the Red Hat Network or through the up2date command.

To install the subsystems, run the install utility; this is not necessary if the subsystems were installed through

up2date.

rhpki-install -pki-subsystem=kra

-pki_package_path=/media/cdrom/RedHat/RPMS -force

Configure the DRM instance. It is possible to change the names of migrated Certificate System subsystem instances,

but greater care must be taken when extracting and renaming certain portions of the data. Because port numbers are

stored in the server.xml file, which is unaffected by subsystem migration, port numbers can be changed between

instances without difficulty.

Go through the HTML configuration wizard. When the installation process is completed, the server returns a URL

pointing to the configuration wizard. For example:

http://server.example.com:10080/kra/admin/console/config/

For more information on the panels in the configuration wizard, see chapter 2, "Installation and Configuration," in the

Certificate System Administration Guide.

2.3. Step 3: Stopping All New Certificate System Instances

Stop the 7.2 DRM and CA instances.

/etc/init.d/rhpki-kra stop

/etc/init.d/rhpki-ca stop

Stop the Directory Server instance.

cd /opt/redhat-ds/slapd-ds

./stop-slapd

2.4. Step 4: Migrating Security Databases

NOTE

In order to recover the archived keys stored in the 6.1 (SP4) DRM, obtain a migration patch from Red Hat ser-

vices. This patch will recover the PIN needed to access the storage token where the DRM private key resides.

Do the following to migrate the Certificate Management System 6.1 (SP4) DRM data to the Certificate System 7.2 DRM

2.2. Step 2: Creating a New Certi-

ficate System Installation

Certificate System Migration

Table of Contents

Chapters

Table of Contents

Step 1: Preparing The Old Server; Step 2: Creating A New Certificate System Installation; Step 3: Stopping All New Certificate System Instances; Step 4: Migrating Security Databases - Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE Manual

2.1. Step 1: Preparing the Old Server

2.2. Step 2: Creating a New Certificate System Installation

2.3. Step 3: Stopping All New Certificate System Instances

2.4. Step 4: Migrating Security Databases

Chapters

Related Manuals for Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE

Related Content for Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE

Table of Contents