- Launch Guide
- Quick Start Guide
- Backup Guide
- Restore and Upgrade Guide
- TLS Certificate Generation Guide
- Cluster Configuration Guide
-
Peering to EJBCA Cloud Configuration Guide
- AWS Operating Environment
- EJBCA/SignServer Peering Security Groups
- Generate TLS Certificates for SignServer
- Allow Peer Connections in SignServer
- Peer Connection Configuration
- Creating the Peer Connection
- Allow Peer Connection in SignServer
- Configuring Automatic Generation and Key Renewal over Peers
- Automatically Renewing the Key Binding Key
-
SignServer CloudHSM Integration Guide
- Multiple Crypto Tokens with AWS CloudHSM
- Create a CloudHSM Cluster
- Use OpenSSL to Validate the HSM
- Initialize the CloudHSM
- Assigning Security Group
- Configure the cloudhsm-client
- PKCS11 PIN
- Activate Cluster
- Create a CloudHSM Crypto User
- Create Keystore in HSM with ClientToolBox
- Test with EJBCA ClientToolBox
- Create CryptoToken in SignServer
- Restoring HSM Backup to New Instance
Copying Backup Files to Other Systems
Copying File to Local Workstation
Using either the command line interface (CLI) or a Secure Copy Protocol (SCP) utility, copy the file to your local system. You can copy the file directly from one instance to another if your VPC allows it. In this example, we will bring the file down locally and then SCP it to the new instance.
- Using the CLI:
# scp -i ~/Documents/C2\ Comp/PrimeKey/EC2\ Creds/c2-ssh/c2-ssh.pem ec2-user@ec2-34-229-187-81.compute-1.amazonaws.com:/home/ec2-user/signserver_db-ip-172-16-0-128.ec2.internal-1509663778.tar.gz ~/Downloads/signserver_db-ip-172-16-0-128.ec2.internal-1509663778.tar.gz - Using a SCP utility (in this case Cyberduck):
- Specify details to connect to your instance, for example hostname, username, and SSH key:
- Connect to the instance and download the file to the local system:
- Wait for the download to complete.
- Specify details to connect to your instance, for example hostname, username, and SSH key:
Copy Backup File to Another Instance
- SCP the backup file to another instance using the following CLI command:
# scp -i ~/Documents/C2\ Comp/PrimeKey/EC2\ Creds/c2-ssh/c2-ssh.pem ~/Downloads/signserver_db-ip-172-16-0-128.ec2.internal-1509663778.tar.gz ec2-user@ec2-52-23-217-245.compute-1.amazonaws.com:/home/ec2-user/ - Once the backup file is copied, SSH into the new host and verify that the file was copied correctly.