Previous Topic: Deactivate the SSL ConfigurationNext Topic: Set the OPENSSL_FIPS Environment Variable

CA SiteMinder® Federation Standalone Installation and Upgrade GuideMigrate CA SiteMinder® Federation Standalone to Use FIPS EncryptionHow to Migrate from FIPS_COMPAT Mode to FIPS_Only ModeBack Up the Existing Configuration

Back Up the Existing Configuration

You can restore an existing configuration as part of a system recovery, upgrade, or migration.

To restore a configuration, copy the key database and export configuration data. The XPSExport tool, which is shipped with the product, lets you export the configuration data to an XML file.

Important! While restoring a configuration, federation transactions will fail.

To export a configuration

  1. Copy the key database and save it in a safe location. The key database is in the following directory:

    federation_mgr_home/siteminder/smkeydatabase

  2. Export the configuration by entering the following command from a command window:

    XPSExport export_file_name -xa -passphrase passphrase

    export_file_name

    Names the output file that results from the export. The output from XPSExport is in XML format, therefore, the filename must end with the extension .xml.

    passphrase

    Specifies the passphrase required to encrypt sensitive data. The passphrase must be at least eight characters and must contain at least one digit, one uppercase and one lowercase letter. If the passphrase contains a space, then it must be enclosed in quotes.

    NOTE: If you do not want to enter the passphrase directly, you can leave it off the command. XPSExport then prompts you for a passphrase and a passphrase confirmation, which is not echoed to the screen.

You now have an XML file that contains encrypted configuration data. Use the XML file to restore a configuration.