Federation Manager Guide › Migrate Federation Manager to Use FIPS Encryption › How To Migrate from FIPS_COMPAT Mode to FIPS-Only Mode › Back Up the Existing Configuration

Back Up the Existing Configuration

You can restore an existing configuration as part of a system recovery, upgrade, or migration.

To restore a configuration, copy the key database and export configuration data. The XPSExport tool, which is shipped with Federation Manager, lets you export the configuration data to an XML file.

Important! While restoring a configuration, federation transactions will fail.

To export a configuration

1. Copy the key database and save it in a safe location. The key database is in the following directory:

   federation_mgr_home/siteminder/smkeydatabase

2. Log in to the Federation Manager UI.
3. Select the Federation tab and click Partnerships.

   The View Federation Partnerships window opens.

4. Select Deactivate from the Action menu next to each active partnership in the Federation Partnership list.
5. Export the Federation Manager configuration by entering the following command from a command window:

   XPSExport export_file_name -xa -passphrase passphrase

   export_file_name

   Names the output file that results from the export. The output from XPSExport is in XML format, therefore, the filename must end with the extension .xml.

   passphrase

   Specifies the passphrase required to encrypt sensitive data. The passphrase must be at least eight characters and must contain at least one digit, one uppercase and one lowercase letter. If the passphrase contains a space, then it must be enclosed in quotes.

   NOTE: If you do not want to enter the passphrase directly, you can leave it off the command. XPSExport then prompts you for a passphrase and a passphrase confirmation, which is not echoed to the screen.

You now have an XML file that contains encrypted configuration data. Use the XML file to restore a configuration.