•
Section 2.2, “Option 2: Security Databases to HSM Migration”
•
Section 2.3, “Option 3: HSM to Security Databases Migration”
•
Section 2.4, “Option 4: HSM to HSM Migration”
NOTE
Archived keys stored in a 6.0x or 6.1 DRM cannot be migrated to Certificate
System 7.3 because the old key-splitting scheme is not supported in versions
later than 6.1 (SP4). To be able to recover these keys, obtain a migration patch
from Red Hat services.
2.1. Option 1: Security Databases to Security Databases
Migration
1. Remove all the security databases in the Certificate System 7.3 server which will receive
migrated data.
rm /var/lib/instance_ID/alias/cert8.db
rm /var/lib/instance_ID/alias/key3.db
NOTE
On Certificate Management System 6.0x, the certificate database is
cert7.db
,
not
cert8.db
.
2. Copy the certificate and key security databases from the 6.x server to the 7.3 server.
cp old_server_root/alias/cert-old_DRM_instance-cert8.db
/var/lib/instance_ID/alias/cert8.db
cp old_server_root/alias/cert-old_DRM_instance-key3.db
/var/lib/instance_ID/alias/key3.db
3. Open the Certificate System
/alias
directory.
cd /var/lib/instance_ID/alias/
Chapter 5. Step 4: Migrating Security Databases
24