Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...


Info

This article is valid for Smart ID 20.06.1 and later.

...

Expand
titlePrerequisites

This is a summary of what must be in place before the migration starts.

  • A Windows host.
  • The same Java version as for the corresponding Identity Manager release is installed and its java.exe in your PATH. See Identity Manager requirements and interoperability.
  • Java has the Unlimited Strength Jurisdiction Policy Files installed.
  • The new keypair has been generated.
  • For every tenant on the system have access to:
    • tenant ID
    • administrative username + password

...

Expand
titleShutdown and backup

Before you start the migration:

  1. Stop the Identity Manager applications (shut down Tomcat or the respective docker containers by running docker compose down from within docker/compose/identitymanager/<webappname>/).
  2. Create a backup of the respective databases.

...

Expand
titleSet up Identity Manager to use the new keypair
  1. For docker:
    Open docker/compose/identitymanager/config/signencrypt.xml for editing.
    or:
    For WAR file deployment: 

    Open WEB-INF/classes/engineSignEncrypt.xml in Identity Manager Operator, Identity Manager Admin and Identity Manager Tenant for editing.
  2. Change the attributes of the EncryptedFields descriptor and its referenced key to the values needed for the new keypair, as you set them for the NewEncryptedFields descriptor in the migration application. Note that the descriptor's name must still be EncryptedFields and not NewEncryptedFields for Identity Manager.
  3. For docker:
    Run docker compose up from within  docker/compose/identitymanager/<webappname>/ for all Identity Manager applications (Admin, Operator and Tenant) to recreate the docker containers.
    or:
    For WAR file deployment:
    Start Identity Manager.