Backup and Restore

The EJBCA Enterprise software designed to operate in a high availability and high performance environment.

Backup of EJBCA is essential for most organizations, and EJBCA is designed to make backup easy.

Backing up of EJBCA consists of Dynamic and Static data. Dynamic data is data changed during daily operations. All dynamic data is stored in the database. Static data does not change during normal operations, and only needs to be backed up when changed.

  • Dynamic data that needs to be backed up regularly:

    • Database contents.

  • Static data that only needs to be backed up when changed:

    • EJBCA program files.

    • EJBCA configuration (ejbca/conf).

    • Admin and SSL keystores (ejbca/p12).

Back up an EJBCA installation

To backup an EJBCA installation, do the following:

  • Backup the database

  • Backup all $EJBCA_HOME/conf/**

  • Backup all $EJBCA_HOME/p12/**

If using soft keystores for the CAs, this is all that is needed. If you are using an HSM you need to backup your keys in the HSM as well. How this backup and restore is done depends on the HSM you are using. Consult the documentation for your HSM.

Restore

To restore, do the following:

  • Restore database

  • Unzip new EJBCA

  • Restore conf and p12

  • Run the following to configure JBoss and deploy EJBCA.
    If you are using another application server, consult the Installation documentation for deployment.

    ant deploy
    ant deploy-keystore
    ant web-configure