Skip to main content
Skip table of contents

Restoring with the Restore Script

Overview

The restore script can help to migrate local database workloads from one version of EJBCA Cloud to another. It will backup external databases, but not restore them. The recommended way to run EJBCA Cloud is with an RDS database and utilize the Cloud Wizard Cluster Join feature. In the case of local workloads, the system_backup.sh and system_restore.sh scripts can be used. This script is designed to assist with this process but can only do so much. You must be on a supported version of EJBCA Cloud for this to work. Going from a much older version of EJBCA that is not leveraging modern versions of WildFly or Java, may require a professional services engagement.

Script Options

The options in this script are outlined in the table below:

Option

Description

-b

Backup file to restore. This flag is optional and the path can be specified after the script if desired.

-e

Specify the password on the CLI used to decrypt the backup

-d

Database password if not in the start.sh properties file

-s

Silent. Do not have ANY prompts for input (used for automation). Must be used with -e. Assumes all prompts are answered with “Yes”.

The restore script will attempt to detect the encryption type that was used with the system_backup.sh script. It will even fall back to older encryption types from older systems if possible.

Example usage is:

CODE 
/opt/PrimeKey/support/system_restore.sh -b ejbca_db-localhost.localdomain-1765903077.tar.gz

Example output:

CODE 
[root@localhost azure-user]# /opt/PrimeKey/support/system_restore.sh -b ejbca_db-localhost.localdomain-1765903077.tar.gz
Current working directory: /home/azure-user
2025-12-16 16:42:19,301 INFO: Making sure MySQL Galera is running with default password...
2025-12-16 16:42:19,309 INFO: Database is available...Restoring system.
2025-12-16 16:42:19,310 INFO: Checking for Galera cluster...
2025-12-16 16:42:19,318 INFO: Not a clustered node.  Continuing...
2025-12-16 16:42:19,319 INFO: Backing up and dropping old database...
2025-12-16 16:42:19,321 INFO: Old database file will be located at:
2025-12-16 16:42:19,322 INFO: /opt/PrimeKey/support/backup_files/ejbca_backup_before_restore-localhost.localdomain-1765903339.sql
2025-12-16 16:42:19,473 INFO: Encrypting backup with OpenSSL...
2025-12-16 16:42:19,537 INFO: Attempting to decrypt backup file...
2025-12-16 16:42:19,538 INFO: This will try multiple decryption methods automatically...
2025-12-16 16:42:19,540 INFO: No method file found or unknown method. Trying all decryption methods...
2025-12-16 16:42:19,541 INFO: Trying age decryption...
2025-12-16 16:42:19,641 INFO: Age decryption failed, trying OpenSSL methods...
2025-12-16 16:42:19,643 INFO: Trying modern OpenSSL AES-256-CBC decryption...
enter AES-256-CBC decryption password:
2025-12-16 16:42:35,388 INFO: Successfully decrypted with modern OpenSSL method!
2025-12-16 16:42:35,389 INFO: Successfully decrypted backup file.
2025-12-16 16:42:35,391 INFO: Extracting backup archive...
2025-12-16 16:42:35,457 INFO: Successfully extracted backup archive.
2025-12-16 16:42:35,468 INFO: Stopping WildFly and Apache
2025-12-16 16:42:38,619 INFO: This does not appear to be a backup of external database data, restoring local data.
2025-12-16 16:42:42,444 INFO: Restoring database from backup.
2025-12-16 16:42:45,705 INFO: Creating backups of TLS/SSL files and moving new files into place.
2025-12-16 16:42:45,706 INFO: Existing TLS/SSL files will be backed up to /etc/httpd/ssl_backup_1765903339.
2025-12-16 16:42:45,711 INFO: Backing up existing wizard configuration and restoring config file from backup...
2025-12-16 16:42:45,715 INFO: Restoring start.sh file from backup. NOT rotating into place since it contains an old database password.
2025-12-16 16:42:45,716 INFO: It will be restored to /opt/wildfly/bin/start_DATE.sh.
2025-12-16 16:42:45,758 INFO: Creating WildFly credential store...
2025-12-16 16:42:45,761 INFO: Backup created: /opt/PrimeKey/wildfly_config/ejbca-credstore.cs.bak-1765903339
2025-12-16 16:42:45,763 INFO: Creating new credential store
Credential Store has been successfully created
2025-12-16 16:42:46,673 INFO: Updating wildfly credential store password in WildFly configuration.
2025-12-16 16:42:46,676 INFO: Adding alias to credential store...
Alias "wildfly" has been successfully stored
2025-12-16 16:42:47,872 INFO: Starting WildFly...
2025-12-16 16:42:48,889 INFO: Starting Apache...
2025-12-16 16:42:50,053 INFO: Done.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close