Setup guide

Backing Up Data
54 Netscape Certificate Management System Command-Line Tools Guide May 2002
There is pl enty of disk space in the output di rectory; the size of the backup
archive will vary with the amount of data in your system, so you will learn
from experience how much space y ou require.
The configuration that you back up, of course, will use all of your current
passwords. You will need to remember the current passwords if you restore this
data after you change some passwords.
To run
cmsbackup:
1. Log in to the machine where your CMS i nstance is running and open a
command shell.
2. Change to the CMS server instance directory in the server root. For example, if
your server root is
/usr/netscape/servers and the instance ID of the server
youwanttobackupis
cmsinstance:
# cd /usr/netscape/servers/cert-cmsinstance
3. Execute the backup script: either cmsbackup on UNIX or cmsbackup.bat on
Windows NT systems. For example,
# ./cmsbackup
The script will run. Control returns to the command prompt when the script has
finished.
After You Finish a Backup
Immediately after running the backup tool, you should check the log file to make
sure that all systems were archived successfully. The log file is
<server_root>/cert-<instance>/logs/cmsbackup.log
If the any part of the backup was not successful, there will be a message labeled
WARNING or ERROR that tells you why. Most of the time, the problems are the result
of directories or files that are missing or inaccessible to the user running
cmsbackup. If necessary, change the permissions on the required files, delete the
zip archive in the output directory, and run
cmsbackup again.
Once you have a successful zip archive, you should s ecure it. The output directory
is probably accessible to any user on the system, and it may be on the same
physical disk as the server instance itself. You wan t to make sure the archive is not
accessible to unauthorized users and that you can use the arch ive if t here is a
system hardware failure. Remember, the archive contains a d atabase of private
keys. Although it is not easy to extract a key from the database without the correct
passwords, you do not want anyone to have the opportunity to try.