Backing up your management certificates
How to backup your management subsystem certificates on VMware.
Backup your management subsystem certificates by using the dr-preparation
script.
- Download
v10_ova_dr_files-<version>.tgz
from IBM Fix Central. - Decompress
v10_ova_dr_files-<version>.tgz
to extract the dr-preparation-py script:tar -xzf
v10_ova_dr_files-<version>.tgz
- Copy the v10-dr/dist/dr-preparation-py script to one of your management
VMs:
scp v10-dr/dist/dr-preparation-py apicadm@<management vm>:/home/apicadm
Note: On three replica deployments, you can run this script on any of the management VMs. - Log in to the management
VM:
ssh apicadm@<management vm>
- Run the dr-preparation-py
script:
sudo python3 dr-preparation
The script creates the output file apicup-commands.txt that contains the apicup commands. The apicup commands that are generated include the encoded certificates of your management subsystem. In a disaster recovery scenario, you redeploy your management subsystems and run these apicup commands to re-create the certificates.
Verify that the file contains the following apicup commands:apicup certs set management atm-credential --encoded-string '<encoded_string>' apicup certs set management consumer-toolkit-credential --encoded-string '<encoded_string>' apicup certs set management designer-credential --encoded-string '<encoded_string>' apicup certs set management toolkit-credential --encoded-string '<encoded_string>' apicup certs set management juhu-credential --encoded-string '<encoded_string>' apicup certs set management consumer-ui-credential --encoded-string '<encoded_string>' apicup certs set management ui-credential --encoded-string '<encoded_string>' apicup certs set management encryption-secret --encoded-string '<encoded_string>' apicup certs set management discovery-credential --encoded-string '<encoded_string>' apicup certs set management governance-credential --encoded-string '<encoded_string>' apicup subsys set management site-name='<site_name>'
Note: If any of the certificates are missing, the script shows an error message. Resolve any errors before you continue, or you cannot successfully recover from a disaster event. - Copy the apicup-commands.txt file off the VM and store it with your project directory backup.