About
Upgrading the Virtru Customer Key Server (CKS) is very similar to a standard install except one must gather the existing:
- Rewrap Keys
- TLS Certificates
- HMAC ID
- HMAC Secret
Steps
The information can be obtained from other CKS instances or the local Virtru CKS.
Log into the CKS that will be upgraded. The user will most likely need to be elevated to manage items in the folder.
1. Complete backup of Virtru CKS
cd /var/virtru
mkdir backup
cd backup
cp -r /var/virtru/cks .
2. Stop the running CKS
cd /var/virtru/cks
docker-compose down
3. Perform a normal install
- Install Instructions
- Use the option to generate a self-signed certificate
- Use the option to generate RSA keys
4. Replace required files
TLS Certificate
cd /var/virtru/cks/ssl
rm *
cp /var/virtru/backup/cks/ssl/* .
RSA Keys
cd /var/virtru/cks/keys
rm *
cp /var/virtru/backup/cks/keys/* .
Copy the required values from your back up of cks.env "/var/virtru/backup/cks/env/cks.env"
-
tokenId
-
encryptedToken
cd /var/virtru/backup/cks/env
nano cks.env
Paste those values in your new cks.env
HMAC Token
cd /var/virtru/cks/env
nano cks.env
Note
Any text editor can be used, nano is used for reference.