Red Hat CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE Manual page 81

Hide thumbs Also See for CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE:
Table of Contents

Advertisement

a.
Open the old Certificate System's alias/ directory.
cd old_server_root/alias
b.
Set the LD_LIBRARY_PATH environment variable to search the Certificate System libraries.
LD_LIBRARY_PATH=old_server_root/bin/cert/lib
export LD_LIBRARY_PATH
c.
Use the old Certificate System certutil tool to identify the old HSM slot name.
old_server_root/bin/cert/tools/certutil -U -d .
d.
Use the old Certificate System certutil tool to extract the public key and save the base-64 output to a file. In
this example, the -L option lists the named certificate, the -n option names the certificate, -h gives the old
HSM information, and -a saves the information to the base-64 file.
old_server_root/bin/cert/tools/certutil -L
-n "old_HSM_slot_name:caSigningCert cert-old_DRM_instance"
-d . -h old_HSM_token_name -a > caSigningCert.b64
e.
Copy the base-64 file from the old server to the new server.
cp old_server_root/alias/caSigningCert.b64
/var/lib/instance_ID/alias/caSigningCert.b64
4.
Log into the new server as the Certificate System user, and open the Certificate System alias/ directory.
cd /var/lib/instance_ID/alias/
5.
Log in as root, and set the file user and group to the Certificate System user and group.
su
chown user:group ServerCert.p12
chown user:group kraStorageCert.p12
chown user:group kraTransportCert.p12
chown user:group caSigningCert.b64
6.
Log out as root. As the Certificate System user, set the file permissions.
chmod 00600 ServerCert.p12
chmod 00600 kraStorageCert.p12
chmod 00600 kraTransportCert.p12
chmod 00600 caSigningCert.b64
7.
Import the public/private key pairs of each entry from the PKCS #12 files into the new security databases.
pk12util -i ServerCert.p12 -d .
Enter Password or Pin for "NSS Certificate DB":********
Enter password for PKCS12 file: ********
4.2. 6.0 Data Recovery Manager
(DRM) Migration
Databases

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the CERTIFICATE SYSTEM 7.2 - MIGRATION GUIDE and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Table of Contents