Upgrading Steward to 2048 bit key and SHA256 signature certificates

To upgrade Steward after upgrading to 2048 bit key and SHA256 signature certificates:

  1. Log on to the Steward system as a root user.
  2. Stop the Steward process.
    # steward -stop -secure
  3. Remove /var/VRTSvcs/vcsauth/data/STEWARD.
    # rm -rf /var/VRTSvcs/vcsauth/data/STEWARD
  4. Upgrade the VRTSvcs and VRTSperl RPMs using:
    # rpm -Uvh
  5. Run ./installer -securityonenode

    The installer prompts for a confirmation if VCS is not configured or if VCS is not running on all nodes of the cluster.

  6. Enter y when the installer prompts whether you want to continue configuring security.
  7. Run /opt/VRTSvcs/bin/steward_secure.pl.
  8. Set up trust on all nodes of the GCO clusters:
    # export EAT_DATA_DIR=/var/VRTSvcs/vcsauth/data/WAC
    # vcsat setuptrust -b IP_of_Steward:14149 -s high
    
  9. Set up trust on the Steward for every GCO cluster:
    # export EAT_DATA_DIR=/var/VRTSvcs/vcsauth/data/STEWARD
    # vcsat setuptrust -b VIP_of_remote_cluster1:14149 -s high
    # vcsat setuptrust -b VIP_of_remote_cluster2:14149 -s high.