.png){kind=logo}
In Place Upgrade Procedure - Azure
In this example, the EJBCA host will have an IP Address of 172.16.17.130. Please change to the IP address for the EJBCA node being upgraded.
Download the EJBCA Cloud Upgrade file from your customer download folder or obtain a copy from Keyfactor Support.
Copy the upgrade package to the EJBCA node:
If you use the CLI on a Mac or Linux-based computer, use the following command to copy the file to the host:
BASHscp ~/Downloads/EJBCA_Cloud_and_V1VM_4.3.7-EJBCA_EE_9_3_6_Upgrade.zip root@172.16.17.130:/opt/dist/(Note: If using AWS, ensure you specify the user as ec2-user with your SSH key, and in Azure, specify the user provisioned with your instance.)
If using a program such as WinSCP or CyberDuck:
Click Open Connection.
Enter the host credentials and click Connect.
Select the /opt/dist directory
Drag and drop the file to the EJBCA VM in the
/opt/distdirectory.
SSH to the EJBCA VM and log in as root
BASHssh root@172.16.17.130Change directory to the /opt directory
BASHcd /optUnzip the upgrade file into the /opt/ directory
BASHunzip dist/EJBCA_Cloud_and_V1VM_4.3.7-EJBCA_EE_9_3_6_Upgrade.zipEnsure the file is extracted into the /opt/ directory by doing a directory listing
BASH[root@ejbca-node-01 opt]# ls -la total 0 drwxr-xr-x. 8 root root 148 May 15 17:34 . drwxr-xr-x. 17 root root 261 May 14 20:19 .. drwxr-xr-x. 2 root root 60 May 15 17:29 dist lrwxrwxrwx. 1 root root 22 May 14 18:20 ejbca -> /opt/ejbca_ee_7_3_1_2/ drwxr-xr-x. 7 wildfly wildfly 80 May 14 20:22 ejbca_ee_7_3_1_2 drwxr-xr-x 6 root root 52 May 14 12:20 ejbca_ee_7_3_1_4 drwxr-xr-x. 6 wildfly wildfly 90 May 14 20:23 PrimeKey drwxr-xr-x. 3 root root 21 May 14 17:54 rh lrwxrwxrwx. 1 root root 25 May 14 18:03 wildfly -> /opt/wildfly-10.1.0.Final drwxr-xr-x. 10 wildfly wildfly 237 May 14 18:20 wildfly-10.1.0.Final [root@ejbca-node-01 opt]#Copy the existing config files to the new EJBCA install folder, overwriting the default files with the existing files
BASH/bin/cp -f ejbca/conf/*.properties ejbca_ee_7_3_1_4/conf/Stop WildFly
BASHsystemctl stop wildflyRemove "ejbca" symlink
BASHrm ejbcaNOTE: Ensure it asks you to remove the symbolic link!
BASHrm: remove symbolic link ‘ejbca’?If sure, select "y" and press enter.
Create a new symbolic link
BASHln -s ejbca_ee_7_3_1_4 ejbcaEnsure the symbolic link points to the new EJBCA directory
BASHlrwxrwxrwx 1 root root 16 May 15 17:53 ejbca -> ejbca_ee_7_3_1_4Change the ownership of the new EJBCA files (ensure the trailing "/" in the command below so the permissions of the directory are changed and not the symlink itself)
BASHchown -R wildfly:wildfly /opt/ejbca/Copy the "ejbca.ear" file to the WildFly deployments directory
BASH/bin/cp -f ejbca/dist/ejbca.ear /opt/wildfly/standalone/deployments/If upgrading to newer versions of EJBCA at EJBCA 7.10.0 or above (EJBCA Cloud 2.X to 3.X), additional steps are needed to change the wildfly startup parameters.
Edit the /etc/systemd/system/wildfly.service file to change the startup serviceBASHfrom: ExecStart=/opt/wildfly/bin/standalone.sh to ExecStart=/bin/bash /opt/wildfly/bin/start.shRestart WildFly:
BASHsystemctl start wildflyEnsure the new version of EJBCA is the version you are upgrading to.
Apply the latest indexes for your upgraded version of EJBCA. The indexes are located at
/opt/ejbca/doc/sql-scripts/create-index-ejbca.sql. Apply this index to the database. The indexes will be skipped that are already applied, and the new ones added for any new EJBCA features will be added to the database.
That can be accomplished with:BASHeval "$(grep '^export ' /opt/wildfly/bin/start.sh)" && /opt/ejbca/dist/clientToolBox/ejbcaClientToolBox.sh jdbc \ --url "${DATABASE_JDBC_URL}" \ --username "${DATABASE_MASTERUSER}" \ --password "${DATABASE_PASSWORD}" \ --file "/opt/ejbca/doc/sql-scripts/create-index-ejbca.sql"Or with the MySQL CLI:
CODEeval "$(grep '^export ' /opt/wildfly/bin/start.sh)" && mysql \ -h 127.0.0.1 \ -P 3306 \ -u "${DATABASE_MASTERUSER}" \ -p"${DATABASE_PASSWORD}" \ "${DATABASE_NAME}" \ < /opt/ejbca/doc/sql-scripts/create-index-ejbca.sql