Installation and Upgrade Guides › SiteMinder Upgrade Guide › Upgrading from r6.x › Migration Considerations › Mixed SiteMinder Environments › SiteMinder Key Database Password in r12.0 SP3
SiteMinder Key Database Password in r12.0 SP3
The SiteMinder key database (smkeydatabase) password, which is used to encrypt the key and certificate data stored in the database, is encrypted using FIPS-compliant algorithms. FIPS is a US government computer security standard used to accredit cryptographic modules that meet the Advanced Encryption Standard (AES). Consider the following as you plan your migration:
- An r12.0 SP3 Policy Server can only communicate with an r12.0 SP3 key database. A key database does not operate in compatibility mode.
- You can upgrade a key database by changing the password during the Policy Server upgrade. Changing the password re-encrypts the database password and existing encrypted data using FIPS-compliant algorithms.
- You can create an r12.0 SP3 key database during the Policy Server upgrade and migrate your existing key and certificate data into the new instance.
This guide details the steps for upgrading a key database. If you want to create an r12.0 SP3 key database and migrate existing key and certificate data into the new instance, do the following:
- Export the key and certificate data using the smkeytool utility.
Note: For more information about using the smkeytool utility, see the Federation Security Services Guide.
- Create the r12.0 SP3 key database during the Policy Server upgrade.
Note: You can use the Policy Server Configuration Wizard to create a key database. For more information about using the Policy Server Configuration Wizard, see the Policy Server Installation Guide.
- Import the key and certificate data using the smkeytool utility.
Copyright © 2012 CA.
All rights reserved.
|
|