Restore the System Data from a Backup

The restore operation can be performed on a running appliance. The restore operation enables you to either:

  • Recover from disaster, or
  • Revert to a previous data configuration

The restore operation overwrites the following content on the appliance with the backup content:

  • Database content
  • Application configuration files
  • Key store and trust store
  • Licenses
  • OCS card configuration
Important:
  • The system restore menu is only available in Single Mode. If the appliance is configured in Dual Mode, then you cannot perform the restore operation. You must first set the appliance to Single Mode, restore the backup, and finally set the appliance back to Dual Mode.
  • The restore operation does not modify the software configuration (that is, hot fix or service pack).
Prerequisites:
  • You can use a configured appliance or you can re-install a new appliance from scratch.
  • You must have the Backup password available.
  • The appliance compatibility digest must be the same as that of the backup:
    • If compatibility digest on the appliance is different, you must install the appropriate service pack/hot fix to update the compatibility digest prior to the restore operation.
    • The service pack and hot fix versions can be different from those in the backup metadata as long as the compatibility digest is the same.
  • The list of installed ActivID applications must be the same as that of the backup.
  • The cryptography type/configuration is one of the following compatible options:

     

     

    Current Cryptographic State
     

     

    Software

    Software and External HSM configured

    External HSM

    Backup Cryptographic State

    Software

    Allowed

    Allowed

    Allowed

    External HSM

    Not allowed

    Allowed if same security world

    Allowed if same security world

  • For deployments with an external HSM:
    • Make a backup after migration to the external HSM and only restore these backups so that your appliance remains as the ‘external HSM Cryptography’ type.
    • The HSM security world ID must be the same as that of the backup.
  1. Log on to the ActivID Console and, under System in the left menu, select Backup/Restore.

  2. Select the Restore tab.

  3. In the Backup location section, select the SFTP/FTP Site where the backup is stored (or click Add New to configure a new site).

  4. Click Search.

  5. From the Backup File drop-down list, select your backup file, and then click Load.

  6. The latest available backup is selected automatically. The metadata contents are displayed.

    By viewing the metadata, you can verify that the configuration is correct and upgraded, if needed, based on the listed hot fixes.

    The embedded information allows you to:

    • Identity the source appliance that has been backed up
    • Backup date and time
    • Determine software version to install before restoring the data
    • Check compatibility of the backup format
  7. Check compatibility of the backup file with your requirements.

  8. Enter the Backup Password protecting the backup and then click Restore.

    The system checks versions compatibility and backup compatibility.

    If the tests are successful, then the Restore operation starts.

    If you click Cancel during any of the progress message, then the file restoration is canceled.

    If the data is backed up from a different appliance, this restore operation might modify some of the appliance credentials.

  9. When the success message, click Close.

  10. If the ActivID Console displays a warning that one or more of the IdP keys corresponding to the security domains restored are missing after restoring a “Backup external HSM”, you must add them manually to the external HSM. For further information, refer to the technical documentation provided with your HSM.