Upgrading keystore files for the Data Receiver
This scenario aims to eliminate the impact of the Java™ version upgrade on secure communications, especially if you have set up TLS authentication with Java 8 and want to continue using it, or if you want to set up two-way TLS authentication with Java 11.
Before you begin
About this task
Use the script to upgrade the Data Receiver's passStore file. After the migration, you can flexibly use the different Java version to start the Data Receiver or to continue to set up TLS authentication.
To complete the Data Receiver's security migration process, you need to complete the following steps:
Set the following environment variables:
- The Java installation directory on the Data Receiver
system.Important: JAVA_HOME should match with the version when the Data Receiver TLS settings were initialized.
- The Data Receiver working directory that is described in Setting up a working directory and an output directory for the Data Receiver.
- The Data Receiver output directory that is described in Setting up a working directory and an output directory for the Data Receiver.
- For Linux®
export JAVA_HOME=/java_installation_directory export CDPDR_HOME=/dr_working_directory export CDPDR_PATH=/dr_output_directory
- For Windows systems
set JAVA_HOME=/java_installation_directory set CDPDR_HOME=/dr_working_directory set CDPDR_PATH=/dr_output_directory
- Download the
migrateDataReceiverTLS.sh(for Linux systems) or
migrateDataReceiverTLS.bat(for Windows systems) file from the Z Common Data Provider system by using a binary protocol.
- Move or copy script
migrateDataReceiverTLS.batinto the CDPDR_HOME directory where the
DataReceiver.jarfile is located.
- Run script
migrtaeDataReceiverTLS.batdepending on your system:
- For Linux
cd CDPDR_HOME ./migrateDataReceiverTLS.sh
- For Windows
cd CDPDR_HOME migrateDataReceiverTLS.bat
- For Linux systems
- The keystore file in PKCS12 format, which contains a secret key for password encryption.
- The keystore file in JCEKS format, which contains a secret key for password encryption.