Upgrading Steward to 2048 bit key and SHA256 signature certificates
Prev Performing a VCS upgrade using the installer Next

Upgrading Steward to 2048 bit key and SHA256 signature certificates

To upgrade Steward to 2048 bit key and SHA256 signature certificates:

  1. Log on to the Steward system as a root user.
  2. Stop the Steward process.
    # steward -stop -secure
  3. Remove /var/VRTSvcs/vcsauth/data/STEWARD
    # rm -rf /var/VRTSvcs/vcsauth/data/STEWARD
  4. Uninstall the VRTSvcs and VRTSperl filesets.
  5. Install the VRTSvcs and VRTSperl filesets.
  6. Run ./installer -securityonenode

    The installer prompts for a confirmation if VCS is not configured or if VCS is not running on all nodes of the cluster.

  7. Enter y when the installer prompts whether you want to continue configuring security.
  8. Run /opt/VRTSvcs/bin/steward_secure.pl.
  9. Set up trust on all nodes of the GCO clusters.
    # export EAT_DATA_DIR=/var/VRTSvcs/vcsauth/data/WAC
# vcsat setuptrust -b IP_of_Steward:14149 -s high
  10. Set up trust on the Steward for every GCO cluster:
    # export EAT_DATA_DIR=/var/VRTSvcs/vcsauth/data/STEWARD
# vcsat setuptrust -b VIP_of_remote_cluster1:14149 -s high
# vcsat setuptrust -b VIP_of_remote_cluster2:14149 -s high
  11. Start the Steward process.
    # /opt/VRTSvcs/bin/steward -start  - secure
Prev Up Next
Re-establishing trust with Steward after upgrading to 2048 bit key and SHA256 signature certificates Home Performing an online upgrade