Chapter 6. Migrating an OCSP Instance to Certificate System 8.0
run.sh /var/lib/dirsrv/slapd-example/ldif/old-old_OCSP_instance.txt > /var/lib/dirsrv/slapd-example/ldif/rhcs80-new_OCSP_instance.ldif
20. Modify the content of rhcs80-new_OCSP_instance.ldif so that the LDIF files contain the
required ACLs and other settings that were created with the new 8.0 instances.
NOTE
When using a text editor to perform the substitution instead of a script, use an editor
that supports file sizes greater than 4 gigabytes, such as vim, because the LDIF files
may be larger than 2 gigabytes and even 4 gigabytes in some deployments.
a. Open the Certificate System 8.0 LDIF directory.
cd /var/lib/dirsrv/slapd-example/ldif
b. Open the new-new_OCSP_instance.ldif file, in read-only mode.
view new-new_OCSP_instance.ldif
c. Open the rhcs80-new_OCSP_instance.ldif file.
vi rhcs80-new_OCSP_instance.ldif
d. Delete the entries for o=hostname-db,o=netscapeCertificateServer and
o=netscapeCertificateServer.
e. Add a new entry for the base DN used in the 8.0 database (something like
dc=server.example.com-new_OCSP_instance). For example:
dn: dc=server.example.com-new_OCSP_instance
objectClass: top
objectClass: domain
dc: server.example.com-new_OCSP_instance
f. Change the base DN in every entry in the original file
(o=hostname-db,o=netscapeCertificateServer) to the one used
for entries in the new-new_OCSP_instance.ldif file
(dc=server.example.com-new_OCSP_instance). There could be thousands of entries
affected.
g. Replace the cn=aclResources entry in the rhcs80-new_OCSP_instance.ldif file with the
cn=aclResources entry from the new-new_OCSP_instance.ldif file. For example:
dn: cn=aclResources,dc=server.example.com-new_OCSP_instance
resourceACLS: certServer.usrgrp.administration:read,modify:allow (read) group=
 "Administrators" || group="Auditors" || group="Certificate Manager Agents" |
 | group="Registration Manager Agents" || group="Data Recovery Manager Agents
 " || group="Online Certificate Status Manager Agents";allow (modify) group="
 Administrators":Administrators, auditors, and agents are allowed to read user
  and group configuration but only administrators are allowed to modify
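Steps d through f can be scripted rather than done in an editor, as the note above allows. The following is an added example, not part of the original guide or of Certificate System: it streams the LDIF one entry at a time, rejoins folded lines before matching (a base DN split across a fold is invisible to a plain search and replace), and reports base64-encoded values that still contain the old base DN. The function names and sample data are this example's own, it assumes DNs are written without spaces after commas as in the guide, and step g is still done by hand.

```python
import base64, io, re, sys

OLD_BASE = "o=hostname-db,o=netscapeCertificateServer"    # placeholder DN from step d
NEW_BASE = "dc=server.example.com-new_OCSP_instance"      # example DN from step e
DROP = {OLD_BASE.lower(), "o=netscapecertificateserver"}  # entries deleted in step d
OLD_RE = re.compile(re.escape(OLD_BASE), re.IGNORECASE)

def entries(stream):
    """Yield each LDIF entry as a list of unfolded lines, one entry at a time."""
    entry, skipping = [], False
    for line in (raw.rstrip("\r\n") for raw in stream):
        if line.startswith(" "):            # folded line: rejoin with the previous one
            if entry and not skipping:
                entry[-1] += line[1:]
            continue
        skipping = line.startswith("#") or line.lower().startswith("version:")
        if line and not skipping:
            entry.append(line)
        elif not line and entry:            # blank line ends the entry
            yield entry
            entry = []
    if entry:
        yield entry

def migrate(src, dst):
    """Apply steps d-f; return (kept, dropped, base64 values still holding OLD_BASE)."""
    dc = NEW_BASE.split(",")[0].split("=", 1)[1]
    dst.write(f"dn: {NEW_BASE}\nobjectClass: top\nobjectClass: domain\ndc: {dc}\n\n")
    kept, dropped, review = 0, 0, []
    for entry in entries(src):
        if entry[0][:3].lower() == "dn:" and entry[0][3:].strip().lower() in DROP:
            dropped += 1                    # step d: old suffix entries are not copied
            continue
        for line in entry:
            attr, sep, val = line.partition("::")
            if sep and ":" not in attr and \
                    OLD_BASE.lower().encode() in base64.b64decode(val).lower():
                review.append(f"{attr} in {entry[0]}")    # text replace cannot fix this
            dst.write(OLD_RE.sub(NEW_BASE, line) + "\n")  # step f, written unfolded
        dst.write("\n")
        kept += 1
    return kept, dropped, review

SAMPLE = ("version: 1\n\ndn: o=netscapeCertificateServer\nobjectClass: top\n\n"  # constructed
    "dn: o=hostname-db,o=netscapeCertificateServer\nobjectClass: top\n\n"
    "dn: cn=aclResources,o=hostname-db,o=netscape\n CertificateServer\ncn: aclResources\n\n"
    "dn: cn=1,O=hostname-db,o=netscapecertificateserver\nseeAlso:: "
    + base64.b64encode(b"cn=y," + OLD_BASE.encode()).decode() + "\n")
if __name__ == "__main__":
    print(migrate(io.StringIO(SAMPLE), sys.stdout), file=sys.stderr)
```

For the real files, pass open file objects for the converted LDIF and the output file to migrate(); any value listed in the third return element must be decoded, corrected and re-encoded separately.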