When new DID gets created on existing PROD appliances, please boot up the Data Recovery StrongKey Tellaro node and set KeyCustodian PINs to activate the cryptographic module (TPM). Then, please import the Domain Key for new DID into Data Recovery StrongKey Tellaro node by following Step #3 and Step #4 of this document.
The Data Recovery StrongKey Tellaro will not be receiving replication from currently active PROD cluster as it will be shutdown after installation.
So, please make sure to take a MariaDB backup from one of the PROD appliance regularly at a fixed interval (daily or weekly or monthly) and store the backup to a secure drive. The latest backup would be used to restore the PROD cluster in case of a disaster.
shell> mysqldump -u root -p --ignore-table strongkeylite.replication strongkeylite > /path/to/secure/directory/strongkeylite_drbackup-<DATE>.db
NOTE: The data can only be restored up to a latest backup. |
The Data Recovery StrongKey Tellaro will not be receiving replication from currently active PROD cluster as it will be shutdown after installation.
So, please make sure to take a OpenLDAP database backup from one of the PROD appliance regularly at a fixed interval (daily or weekly or monthly) and store the backup to a secure drive. The latest backup would be used to restore the PROD cluster in case of a disaster. Login as “root” and execute the following commands:
shell> slapcat -n 0 -l /path/to/secure/directory/config-<DATE>.ldif
shell> slapcat -n 2 -l /path/to/secure/directory/databackup-<DATE>.ldif
Upgrade OS on Data Recovery StrongKey Tellaro whenever OS gets upgraded on PROD appliances.
Please ensure to take a backup of “strongauth” folder from one of the PROD appliance regularly and store the backup to secure drive.
Upgrade StrongKey Tellaro version on Data Recovery StrongKey Tellaro whenever the upgrade is performed on PROD appliances.