Cisco Cisco IPICS Release 4.5 Instrucciones De Seguridad Importantes
5
Release Notes for Cisco IPICS Release 4.7(1)
OL-31118-01
Caveats
Trust Certificates
The system stores these trust certificate files:
•
security.pri.ip_address.tar—Tar file that contains a snapshot of the Cisco IPICS security directory
(/opt/cisco/ipics/security) from the primary Cisco IPICS server. This directory contains all
self-signed certificates and third-party certificates for Cisco IPICS. In this file name, ip_address is
the IP address of the primary Cisco IPICS server.
(/opt/cisco/ipics/security) from the primary Cisco IPICS server. This directory contains all
self-signed certificates and third-party certificates for Cisco IPICS. In this file name, ip_address is
the IP address of the primary Cisco IPICS server.
•
nodemanager.sec.ip_address.tar—Applies to a high availability deployment only. Tar file that
contains a snapshot of the Cisco IPICS security directory (/opt/cisco/ipics/security) from the
secondary Cisco IPICS server. This directory contains all self-signed certificates and third-party
certificates for Cisco IPICS. In this file name, ip_address is the IP address of the secondary Cisco
IPICS server.
contains a snapshot of the Cisco IPICS security directory (/opt/cisco/ipics/security) from the
secondary Cisco IPICS server. This directory contains all self-signed certificates and third-party
certificates for Cisco IPICS. In this file name, ip_address is the IP address of the secondary Cisco
IPICS server.
Situations in which you might need to manually restore these files include the following:
•
The /opt/cisco/ipics/security directory on the active Cisco IPICS server is corrupted or deleted
•
The server trust setup is accidentally reinitialized
To restore the certificate files, follow these steps:
Procedure
Step 1
Use an SSH client to access the server on which the Cisco IPICS backup is located, log in as the root
user, and enter these commands to extract the security tar file to a /tmp directory:
user, and enter these commands to extract the security tar file to a /tmp directory:
a.
# cd /tmp
b.
To extract the files for the primary Cisco IPICS server, where path is the full backup directory path
and ip_address is the IP address of the primary Cisco IPICS server:
and ip_address is the IP address of the primary Cisco IPICS server:
# tar xvf path/security.pri.ip_address.tar
To extract the files for the secondary Cisco IPICS server, (in a high availability deployment only),
where path is the full backup directory path and ip_address is the IP address of the primary Cisco
IPICS server:
where path is the full backup directory path and ip_address is the IP address of the primary Cisco
IPICS server:
# tar xvf path/security.sec.ip_address.tar
Step 2
Log in as the root user to the Cisco IPICS server on which the security directory is to be manually
restored and enter these commands to back up the current security directory:
restored and enter these commands to back up the current security directory:
# cd /opt/cisco/ipics
# tar cvf security.tar.save security
Step 3
Enter this command to replace the trust certificate files with the files that you extracted in
:
# /bin/cp -rp /tmp/security/* /opt/cisco/security
Step 4
Enter this command to restart Cisco IPICS:
# service ipics restart
Caveats
The following sections provide information about caveats in this Cisco IPICS release: