Versions Compared

Old Version 9

changes.mady.by.user Petteri Kivimäki

Saved on

compared with

New Version 10

changes.mady.by.user Petteri Kivimäki

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

More information about changing the configuration signing keys is available at https://github.com/nordic-institute/X-Road/blob/develop/doc/Manuals/ug-cs_x-road_6_central_server_user_guide.md#54-changing-the-configuration-signing-keys.

Solution

Panel
bgColor#fff

  1. Connect to the Central Server using SSH.

  2. Switch to the xroad user using sudo.

    Code Block
    $ sudo su - xroad

  3. Initialize the software token using signer-console. In practise, this means reseting the PIN code. After this step the keys generated with the old PIN code cannot be used anymore.

    Code Block
    $ signer-console init-software-token
PIN: 
retype PIN:

  4. Log off from the server and log in to the Central Server admin console at https://{HOST}:4000.

  5. Generate a new configuration signing key (instructions).

  6. Activate the new configuration signing key (instructions).

  7. Delete the old configuration signing key (instructions).

  8. Re-create the configuration anchor(s) (instructions).

  9. Distribute the new internal configuration anchor to the Security Server administrators and the new external configuration anchor to the federation partners.

Filter by label (Content by label)
showLabelsfalse
max5
spacesXRDKB
sortmodified
showSpacefalse

...

reversetrue
typepage
cqllabel = "central-server" and type = "page" and space = "XRDKB"
labelscentral-server


Page Properties
hiddentrue


Related issues