cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
833
Views
5
Helpful
2
Replies

Resetting a VCS - what happens to the SSL Certificate?

Chris Swinney
Level 5
Level 5

Hey all,

We remove TMSPE option key from a VCS but the VCS retains old provisioning info from TMS. The old method to purge the data from the OpenDS database doesn't work (as the folder doesn't exist) and so I'm looking at resting the device and restoring from a backup. However, I wonder what happens to the SSL certificate by a public cert has been installed with the private key generated through the the VCS itself? I assume that the public cert is retained in the backup, but what about the private key?

 

Regards

Chris

1 Accepted Solution

Accepted Solutions

Chris Swinney
Level 5
Level 5

Ner mind. A case of RTFM me thinks! I can keep the certs as part of the reset. From the admin guide:

1.Log in to the system as root.
2.Type factory-reset
3.Answer the questions as required:

The recommended responses will reset the system completely to a factory default state.
Prompt
Recommended response
Keep option keys [YES/NO]?: YES
Keep IP configuration [YES/NO]?: YES
Keep ssh keys [YES/NO]?: YES
Keep ssl certificates and keys [YES/NO]?:YES
Keep root and admin passwords [YES/NO]?: YES
Save log files [YES/NO]?: YES
Replace hard disk [YES/NO]?(only applies to systems running on legacy appliance hardware): NO

4.Finally, confirm that you want to proceed.

View solution in original post

2 Replies 2

Chris Swinney
Level 5
Level 5

Ner mind. A case of RTFM me thinks! I can keep the certs as part of the reset. From the admin guide:

1.Log in to the system as root.
2.Type factory-reset
3.Answer the questions as required:

The recommended responses will reset the system completely to a factory default state.
Prompt
Recommended response
Keep option keys [YES/NO]?: YES
Keep IP configuration [YES/NO]?: YES
Keep ssh keys [YES/NO]?: YES
Keep ssl certificates and keys [YES/NO]?:YES
Keep root and admin passwords [YES/NO]?: YES
Save log files [YES/NO]?: YES
Replace hard disk [YES/NO]?(only applies to systems running on legacy appliance hardware): NO

4.Finally, confirm that you want to proceed.

OK, so this does indeed work and SSL keys are kept, however the main reason for doing this was to eradicate the TMS provisioned data, but restoring from a backup restores the full local database including all the previously provisioned users!

Still I have another thread about this one.....