Directory Services 7.4.2

Move a server

The following procedure moves a server to the new host new-server.example.com. The steps skip creation of system accounts, startup scripts, and registration as a Windows service:

  1. Stop the server:

    $ stop-ds
  2. Renew the server certificate to account for the new hostname.

    Skip this step if the server certificate is a wildcard certificate that is already valid for the new hostname.

    The following command renews the server certificate generated with a deployment ID and password:

    $ dskeymgr \
     create-tls-key-pair \
     --deploymentId $DEPLOYMENT_ID \
     --deploymentIdPassword password \
     --keyStoreFile /path/to/opendj/config/keystore \
     --keyStorePassword:file /path/to/opendj/config/keystore.pin \
     --hostname localhost \
     --hostname new-server.example.com \
     --subjectDn CN=DS,O=ForgeRock

    For more command options, refer to dskeymgr. The default validity for the certificate is one year.

  3. Find and replace the old hostname with the new hostname in the server’s configuration file, config/config.ldif.

    The following list includes configuration settings that may specify the server hostname:

    • ds-cfg-advertised-listen-address

    • ds-cfg-bootstrap-replication-server

    • ds-cfg-listen-address

    • ds-cfg-server-fqdn

    • ds-cfg-source-address

  4. Move all files in the /path/to/opendj directory to the new server.

  5. Start the server:

    $ start-ds
  6. If the server you moved is referenced by others as a replication bootstrap server, update the replication bootstrap server configuration on those servers.

Copyright © 2010-2024 ForgeRock, all rights reserved.