Upgrading an IdenTrust Certificate Authority Configured Before ActivID CMS 5.10

Important: After upgrading to ActivID CMS 5.10 or higher, your IdenTrust CA will not work until you have updated it with the REST API credentials (API key and password) associated with your account.

If you are using an IdenTrust CA that was configured using a previous version of ActivID CMS, when you upgrade to ActivID CMS 5.10 or higher, you will need to obtain your current account credentials (API key and password) for accessing the REST API, and then update your CA with these credentials. There are no changes to the device policies themselves, only the CA needs to be updated. For more details, see Configuring the IdenTrust Certificate Authority.

Note: If you are not using the same account as previously, all your device policies must to be updated with the new customer account ID, account type, and certificate type.

In addition, IdenTrust configurations used an RA A Registration Authority (RA) is an authority in a network that verifies user requests for a digital certificate and instructs the CA to issue it. An RA is part of a PKI, a networked system that enables companies and users to exchange information safely and securely. key in previous versions of ActivID CMS. After upgrading to ActivID CMS 5.10 or higher, it is recommended that you remove this RA key, as well as the trust store file containing CA-trusted certificates.

Note: You can remove the RA key by deleting it from the HSM using vendor-provided tools, or (if applicable) by deleting the file where it is stored (in software form).