Backing Up and Restoring the Appliance

The backup/restore process ensures the continuity of the operations supported by the appliance in case of a catastrophic event and when all redundant mechanisms have failed with a minimal loss of data and downtime.

The backup and restore procedures enable the appliance to revert to a previous state.

Important: If the appliance is in Dual Mode, then you must set it to Single Mode before performing the restore operation.

The Backup can be executed via the ActivID Console:

  • On a defined schedule or on demand
  • Before installing a hot fix or a service pack (as a best practice)
  • After software update which modifies the compatibility digest (to have a backup compatible with the new compatibility digest).

The Restore can be executed via the ActivID Console:

  • To restore the appliance data and configuration after a factory reset during re-installation on the same appliance, or to restore the appliance data and configuration on a new appliance.
  • Only when the appliance is in Single Mode.
  • Only on an appliance with the same compatibility digest as backup.

About the Backup Files

Each backup file is encrypted and stored in the configured location (on an FTP or SFTP server).

The name of the backup file displayed in ActivID Console is in the format: _<hostname>_<date>-<time>.

The format of the backup files is automatic, where:

The following content is backed up in order to restore appliance data and configuration, if needed:

  • Database content
  • Application configuration files
  • Licenses
  • Key store and trust store
  • OCS card configuration

The following data is not backed up:

  • Software – To restore the system identically, you must re-install the appliance with the same configuration as it was at backup, including Service Pack and hot fixes installation, and then perform the data restore.
  • External HSM keys – You must back up the external HSM data as explained in the technical documentation provided with your HSM.

Only information that is meant to be restored is backed up. Other data (such as logs and troubleshooting information) is archived separately.

The backup file has self-information that is readable from the ActivID Console. This information enables users to:

  • Identity the source appliance that has been backed up
  • Backup date and time
  • Determine the software version to install before data restore
  • Check compatibility of the backup format and view the compatibility digest

The metadata format allows to check compatibility with previous and future versions of the appliance. If you upgrade in the future, then readability will not be affected.

The metadata includes the following:

  • Format Version
  • Compatibility Digest
  • Description (this can be updated by the operator)
  • Date and Time
  • Source (Hostname)
  • Appliance Version
  • HSM security world identifier (for external HSM deployments only)
  • Cryptographic Type (Software or External HSM)
  • Installed Applications

Topics in this section: