...
After the backup is finished you can see it listed in the Available backups.
| Anchor | ||||
|---|---|---|---|---|
|
Private Key management has its own rules due to high sensitivity of the information it deals with. As a matter of fact whoever has direct access to the private key must not have direct access to its content unless necessary, because he can else seriously compromise
| Brand | ||
|---|---|---|
|
- private key file is generated on a dedicated machine and could be leaked or copied during its transfer
- private key file is shown on console and an unauthorized user can get access to it, in case of wrong profile configuration
That's why keypair generation is automatic and there's no direct access to such sensitive informations.
For the same reasons even Full backup does not include private key, which needs to be managed alone. Actually Private Key backup is available only via SSH as user ephone.
After you logged into
, command line script can be used to export keypair:Brand brand server
| Code Block |
|---|
[ephone@xxx ]$ sudo /data/bin/private_key_backup.sh <keypair description> |
You will be prompted to input a password to protect the keypair, which is going to be exported in PKCS12 format and it will be found in: /home/ephone/<keypair description>.p12
| Info |
|---|
<keypair description> is the "description field" shown in web console when accessing key pair view |
3.1.2 Restores
If you want to restore from a backup, select it from the backups list.
...
Click on the Restore button and confirm in the pop up window: the Management console will inform you the services are going to be restarted and you'll be automatically log out. After you log in again, you find the restored backup is disappeared from the backups list.
3.1.2.1 Private Key restore
For the same reasons explained above this feature is available only via SSH as user ephone.
After you logged into
| Brand | ||
|---|---|---|
|
| Code Block |
|---|
[ephone@xxx ]$ sudo /data/bin/private_key_restore.sh <pathfile> |
You will be prompted to input a password to decrypt the keypair, imported in PKCS12 format.
| Note |
|---|
If you need to restore your Private Key on a different server, which is a most possible scenario, then you have first to copy your backupped private key on it. You can use scp command and user ephone. |
3.1.3 Delete Backups
If otherwise you choose to press the Delete button and thus erase the archive, the you get a confirmation pop-up windows and then the list of available backups is show with a warning message as shown below:
...