Optional - Verify the downloaded upgrade bin file.
•Download and scp the public key pubkey.txt over to the ETM server.
#scp pubkey.txt root@192.168.X.X:/opt/upgrade/
•Scp the external signature for the upgrade bin:
#scp
•Import the public key and verify the upgrade bin:
#cd /opt/upgrade
#gpg
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 9B705669: public key "Black Box (Policy Server) <support@blackbox.com>" imported
gpg: Total number processed: 1
gpg: | imported: 1 |
#gpg
gpg: Signature made Mon 12 Dec 2011 03:19:38 PM EST using DSA key ID 9B705669
gpg: Good signature from "Black Box (Policy Server) <support@blackbox.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: | There is no indication that the signature belongs to the |
|
owner. |
| 5669 |
Primary key fingerprint: B7B6 1E4C EA5A 9FE0 19AB 6130 9830 42A5 9B70 |
Execute the upgrade on the ETM server (Non-Cluster)
CAUTION
The ETM instance will be unavailable/restarted during the upgrade process.
•
•
ssh to your ETM server as root Make sure the bin is executable:
# chmod +x
•
•
•
Run the desired
When the upgrade has completed, the upgrade script will create a new directory, /opt/upgradebackup where the previous instance is stored for rollback. If there is already a previously backed up version(s), the new directory created will be /opt/upgradebackup_<TIMESTAMP>
EXAMPLE: Upgrade from 3.1.3451 to 3.2.3971:
[root@policyserver
Uncompressing Upgrade to 3.2.3971........................................
18 | EncrypTight Manager Installation Guide |