See below to back up the state of a PKI Hub installation comprising one or several nodes.

As explained in Running clusterctl install, only installations in multi-node mode support state backup and restore, although such installations can indeed run on a single node.

Backing up the state of a PKI Hub installation comprising one node

See below to back up the PKI Hub status when installed in a single node.

To back up the state of a PKI Hub installation with a node

  1. Run the clusterctl backup create command to generate a backup file – for example:
    $ sudo clusterctl backup create --file /home/sysadmin/202341014.bkp --password 7Txsxu
  1. If the deployed solutions use databases, back up the database contents as explained in Backing up the database.
  2. If the deployed solutions use an HSM (Hardware Security Module) to protect private keys, backup the device configuration as explained in Backing up the HSM

Backing up the state of a PKI Hub installation comprising several nodes

See below to back up the PKI Hub state when the installation comprises several nodes.

To back up the state of a PKI Hub installation with several nodes

  1. Run the clusterctl backup create command to generate a backup file – for example: 
    $ sudo clusterctl backup create --file /home/sysadmin/202341014.bkp --password 7Txsxu
  2. Manually backup the following data.
  3. Follow the steps described in Backing up solution settings to back up the CA Gateway, Certificate Enrollment Gateway and Certificate Hub solutions.  

    The settings of the other solutions are automatically included in the backup file generated with the clusterctl backup create command.

  4. If the deployed solutions use databases, back up the database contents as explained in Backing up the database.
  5. If the deployed solutions use an HSM (Hardware Security Module) to protect private keys, backup the device configuration as explained in Backing up the HSM.