-
Notifications
You must be signed in to change notification settings - Fork 137
Database Upgrade Use Cases
As PKI developer I want to safely update the PKI database in production environment to fix issues or to provide new functionality.
The upgrade framework should provide a mechanism to:
-
update database schema
-
add new entries
-
delete entries
-
add new attributes to multiple entries
-
modify attributes on multiple entries
-
delete attributes from multiple entries
-
execute the upgrade scripts based on the current database version
-
update the database version after the execution is complete
As a PKI administrator I want to fix PKI server performance issue.
As a PKI administrator I want to use Random Certificate Serial Numbers v2.
Note that if the serial numbers are to be generated using replica-specific sequence numbers, that might require adding new LDAP schema and LDAP entries to store the sequence numbers in the database. However, if the serial numbers are to be generated using UUID, that might not require database changes.
-
Install several CA replicas.
-
Issue certificates from each replica.
-
The serial numbers should be issued using Random Certificate Serial Numbers v1.
-
Run the database upgrade.
-
Issue new certificates from each replica.
-
The serial number should be issued using Random Certificate Serial Numbers v2.
Tip
|
To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis. |