1. Installation and Administration Guide
  2. Backups
  3. Restore a Backup

Restore a Backup

If all KMAs in a cluster have failed, upload and restore a backup file and backup key file to the KMA.

Available to: Security Officer (requires a quorum)
  1. Before performing this procedures, ensure that you have completed the QuickStart and selected the Restore a Cluster from a Backup option.
  2. Best Practice: Log in to OKM Manager as the temporary Security Officer established in Create Security Officer and Provide Quorum Login of the QuickStart.
  3. In the left navigation tree, expand Secure Information Management, and then select Backup List. Click Restore...
  4. Select a backup key file and backup file. These must match (meaning were created at the same time).
  5. Select a core security backup. This can be older or newer than the backup key file and backup file. You can use any Core Security backup file with any backup key file and backup file.
  6. Click Start.
  7. Enter the Key Split Credentials. These must be Key Split Credential users that were in effect when the Core Security Backup was created.

    Once the restore is complete, the Key Split Credentials that were in effect when the backup (not the Core Security Backup) was completed, will be restored.

    Note:

    Enter Key Split user names and passphrases carefully. Any errors will cause this process to fail with a non-specific error message. To limit information exposed to an attacker, no feedback is given as to which Key Split user name or passphrase is incorrect.
  8. When the restore completes, click Close.
  9. Network settings are not restored. Update the IP address settings for the KMA. Refer to Set KMA Management IP Addresses and Set KMA Service IP Addresses.
  10. Best Practice: Log in to the OKM Manager GUI using the original Security Officer user ID (the one that existed before the restore), and delete the temporary restore Security Officer user ID as a cleanup step. Refer to Delete a User.