SECURING
Follow these steps to move a server and its credential store from one cluster to another existing cluster.
About this task
In this procedure, original server refers to the server you are moving and target server refers to one server in the cluster the server is moving to.
Procedure
1. From the original server, use the following server console command to copy the server's credential store data to a database:
where
keymgmt export credstore credstorecopy.nsf hubserver/renovations
3. Rename the credstore.nsf file on the original server. For example, rename it credstore_orig.nsf
4. Replicate credstore.nsf from the target server to the original server.
5. From the target server, export the named encryption key in its server ID file and save it to a key file in the program directory:
where <nekname> is the key name, <nekname>.key is the name of the key file to create, and<password> is a password for the key file.
For example:
keymgmt export nek credstorekey credstorekey.key passw0rd
Verify that you see a message similar to the following one indicating that the export was successful:
5558:0006-4A64] 06/12/2020 09:07:42.69 AM NEK > NEK credstorekey - Fingerprint A8C5 9018 C714 3F05 E574 93D9 5E70 005A 5371 4A71[5558:0006-4A64] NEK credstorekey exported successfully
7. From the original server, import the named encryption key from the key file into the server ID file:
where <nekname>.key is the name of the key file and<password> is the password for the key file. For example:
keymgmt import nek overwrite credstorekey.key passw0rd
where <database> is the name of the database with the exported data. For example:
keymgmt import credstore credstorecopy.nsf