Manualshelf

Troubleshooting guide

ManualsBrandsRSA Security ManualsServer6.1
61626364656667686970
66 4: Primary Server Migration
RSA Authentication Manager 6.1 to 8.1 Migration Guide
Export the LDAP Directory Certificates
The LDAP directory certificate enables you to connect to your LDAP identity source
using the Secure Sockets Layer (SSL) protocol. SSL ensures that communication
between Authentication Manager and the LDAP directory is encrypted. If you do not
have access to the certificate files for each directory server, you can export the
certificates from your existing version 6.1 installation using the following procedure.
If you can access the certificates, you do not need to perform the procedure.
Procedure
1. List the certificates in the files. On the version 6.1 primary server, at the command
line prompt, go to the ACEPROG directory, and type:
certutil -L -d \ACEDATA\cert7.db + key3.db
where ACEDATA is the version 6.1 data directory containing the files.
2. Export each certificate in the list. Type:
certutil -L -d -n certname -r >filename.cer
where
certname is the name of the certificate.
filename is a name you choose for the certificate file.
3. Copy the exported certificate files to the version 8.1 instance, and import them
after migration.
Next Step
Import the certificates into your version 8.1 deployment. For more information, see
“Add an Identity Source SSL Certificate” in the Integrating LDAP Directories chapter
of the RSA Authentication Manager 8.1 Administrator’s Guide.
Perform a Typical Mode Migration
A typical mode migration migrates data with minimal interaction from you.
Note the following:
If you import the database dump file, the license file, and if applicable to your
deployment, the startup.pf file from an NFS or a Windows Shared folder, these
files must be stored in a separate directory from other migration files that you may
want to import at a later time such as the log dump file or a RADIUS migration
package.
If you import data from the 8.1 server, the /opt/rsa/am/migration location, this
location must only contain the database dump file, the license file, and if
applicable to your deployment, the startup.pf file.