Exporting and importing LTPA keys

The first deployment for IBM FileNet® Content Manager auto-generates the LTPA keys. Other deployments import the keys.

About this task

As a part of the first deployment against the IBM FileNet Content Manager, the content operator generates LTPA keys that are shared by all components in the deployment that are based on the WebSphere® Application Server. Once the first deployment is complete, you export the IBM FileNet Content Manager operator-generated LTPA keys to be imported for use in the other deployments (virtual servers) participating in your geographically dispersed FileNet P8 domain.

Export the IBM FileNet Content Manager operator-generated LTPA keys by exporting the <meta.name>-ecm-ltpa secret that is found in the namespace created to host a previous deployment against the same FileNet P8 domain. To export the LTPA keys, run the oc get secrets <meta.name>-ecm-ltpa -n <namespace> -o yaml >> ecm-ltpa-export.yaml command.

With the exported secret yaml file, remove the fields and values for ownerReferences, resourceVersion, uid, and creationTimestamp. These fields are specific to the environment that the secret was exported from and must be removed to clean the yaml contents before the yaml is used to create the secret for the next deployment.

In any additional deployments that participate in your FileNet P8 domain, apply the exported and cleaned ecm-ltpa-export.yaml by running the oc apply -f ecm-ltap-export.yaml -n <namespace> command.

What to do next

To export the clientID and clientSecret values that are used to access IAM, see Exporting and importing Content Platform Engine clientID or clientSecret values for IAM.