Revised Configuration
RapidIdentity Rolling and LTS Releases include a revision to SSL management in RapidIdentity.
In RapidIdentity 4.3 and earlier versions, SSL Management was based on having a KeyStore on each instance for each node in a cluster.
RapidIdentity Rolling and LTS Releases now store the KeyStore in a database. Once a KeyStore is configured it can be attached to a SSL Profile and a single SSL Profile can support multiple SSL Certificates for different instances.
Upgrade Dependency Requirement
An upgrade from RapidIdentity 4.3 to a Rolling or LTS Release should import an existing Keystore and Certificate configuration. If an existing KeyStore in RapidIdentity 4.3 is not imported successfully, the default KeyStore will be configured. Thus, a different KeyStore would need to be imported manually, as described in Step 4b below. Prior to upgrading.
It the environment is operating on a version prior to RapidIdentity 4.3, upgrade to RapidIdentity 4.3 first and then upgrade to the desired Rolling or LTS Release version.
SSL Profile Backup
Prior to attempting to configure or manage existing SSL Profiles, it is advisable to backup all existing SSL Profiles.
Follow these 5 steps to back up SSL Profiles:
Click Export.
Select either JKS or PKCS12/PFX.
Enter a Passphrase and an Alias.
Click Export.
Save the file in a secure location.