How to restore Certificates from an RMA Controller to a new (replacement) Controller?
Restoring Certificates from an
RMA’ed controller.
Export
does not work while restoring the certificates to a new controller;
this is due to the fact that keys cannot be exported. The only way
around this is to copy the files associated with certificates from the
RMA’ed controller to the new production controller via root
access.
Run
the following commands:
1. cd to the
following directory on the RMA’ed
controller
a.
/etc/httpd/conf/httpd.conf –this file contains the httpd configuration
parameters which includes the certificates
parameters.
2. copy the
above from the RMA’ed
controller
3. [make a
back up copy of the httpd.conf file on the new controller just to be
safe.
a.
cp /etc/httpd/conf/httpd.conf
/etc/httpd/conf/httpd.conf-bk
4.
now copy the httpd.conf file from the old (RMA’ed) controller
to the new controller
“/etc/httpd/conf/”]
5.
From the old controller go to the following
directory
a.
opt/meru/cert
6. In
this directory on the old controller tar the entire cert directory. The
tar command has to be issued within the cert directory.
a.
bash-2.05a#
ls
ca csr internal key
p12 pswd server
userapps
bash-2.05a#
tar -cvf cert.tar . ? (Note: Don’t forget
the period!)
----verify the tar file
----
bash-2.05a# ls
-l
-rw-r--r-- 1
root
root
30720 Jan 2 23:28
cert.tar
7. Now tftp or
ftp the tar file from the old controller to the new production
controller
8. It is
always a good Idea to create a backup tar file on the new controller
before you untar the tar file from the old controller back up the cert
directory on the new production controller.
bash-2.05a# tar -cvf cert.tar-bk . <-- don’t forget
that pesky period
After this is complete issue the
command below to extract the imported cert
dir:
tar –xvf
<filename.tar>
9.
Restart apache from the cli from the GUI cli in the upper right hand
corner
of the GUI under cli, or reboot the controller or
restart the wncagent (note this is
disruptive)
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.