Show Contents / Index / Search

Upgrading From Earlier Versions

Before upgrading a running copy of PKI Services Manager, review the upgrade procedure for your operating system.

To upgrade on Windows

  1. You can install over your existing copy of PKI Services Manager.

    Note: If the PKI Services Manager service is running when you start the installation, the installer stops the service. Certificate validation services are not available while the service is stopped.

  2. Start the service after the installation is complete.

After the upgrade, PKI Services Manager uses your previously existing configuration. Your certificate store, revocation settings, identity mappings, and all other settings continue to work as they did prior to the upgrade.

Note: Your earlier version configuration file does not include settings added in the newer version. New settings are written to your configuration file the first time you save your settings using the console. If you haven't modified your configuration, PKI Services Manager uses the default value of any new settings. The Allow MD2 signed certificates setting is new in version 1.1, and it is unselected by default.

To upgrade on UNIX

  1. Uninstall your existing copy of PKI Services Manager.

    The uninstall script renames your existing configuration directory (/opt/attachmate/pkid/config/ by default) using a name based on the current date, and time. For example, config.20110101143755. Your local-store directory and any certificates you have added to this directory remain unchanged.

  2. Install the upgrade.

    The installer automatically starts the service. At this point, the service is running with a default configuration and a newly installed key pair. The next steps describe how to restore your prior settings and key pair using the backup configuration directory.

  3. To restore your prior identification key, configuration settings, and mappings, you should stop the service. You can then replace the new default config directory with the backup copy and restart the service. For example:

    /etc/init.d/pkid stop

    cd /opt/attachmate/pkid

    mv config config_default

    mv config.20110101143755 config

    /etc/init.d/pkid start

    Note: Your earlier version configuration file does not include keywords added in the newer version. For example, the AllowMD2Certificates keyword was added in version 1.1. If you upgrade from version 1.0 and don't add this keyword to your existing file, PKI Services Manager will use the default value, which is "No" for this keyword.

Related Topics

Changing the JVM