This section describes how to change the passwords for the Network Configuration Manager database, lockbox, and PKCS certificate to a minimum of 15 characters.
Before upgrading in silent mode, follow the steps to change these passwords to 15 characters.
Procedure
- Steps to update database password:
- Execute below commands in NCM Application server:
- Run the $VOYENCE_HOME/tools/password-change.pl script to update the database password.
# type the letter 'C' to change a password ([C]hange Single Password) # type the number '7' to change the database password (7. database) # enter the old (9 char long) password when prompted for 'Current Password' # enter the new password when prompted for 'New Password'
- The encrypted password was generated using the NCM java utility. It takes the plain text password as an argument and outputs the encrypted password.
source /etc/voyence.conf $JAVA_HOME/bin/java -cp "$VOYENCE_HOME/tools" NCM -e PLAIN_TEXT_PASSWORD
- Restart vcmaster service.
- Run the $VOYENCE_HOME/tools/password-change.pl script to update the database password.
- Update Encrypted password in NCM Database server.
The database password is saved in /opt/smarts-ncm/conf/setup/install.properties in an encrypted form in the NCM database server. This file is used by the NCM installer during the NCM database upgrade.
After changing the password on the Application server, copy the encrypted database password (as mentioned in step 1 > a > 2) from Application server to the database server.
- Open $VOYENCE_HOME/conf/setup/install.properties file.
- Search for the word DBPW.
- Replace the old encrypted password with the new encrypted password generated:
DBPW=<ENC>-395cce2abe818dbee0f4fadaae6c7657</ENC>
- Execute below commands in NCM Application server:
- Steps to update lockbox password.
- Execute the below commands in NCM Application server:
- Run $VOYENCE_HOME/tools/passphrase/changePassphrase.pl, and change the new lockbox passphrase to 15 characters.
- To unlock the lockbox with new passphrases, run the following command:
cd $VOYENCE_HOME/bin ./cstdriver -lockbox ../data/lockb.clb -passphrase NEW_LOCKBOX_PASSPHRASE
- Restart vcmaster service.
- Execute the below commands in NCM Device server:
- Run the following commands:
source /etc/voyence.conf cd $VOYENCE_HOME/bin ./cstdriver -lockbox ../data/lockb.clb -passphrase OLD_LOCKBOX_PASSPHRASE -change-passphrase NEW_LOCKBOX_PASSPHRASE
- Copy the updated lockb.clb file from Application server to the Device server and update LOCKBOX FILE location in the silent-install.properties accordingly.
- Restart vcmaster service.
- Run the following commands:
- Execute the below commands in NCM Application server:
- Steps to update PKCS password:
- Execute the below commands in NCM Application server:
source /etc/voyence.conf cd $VOYENCE_HOME/bin perl exportcertsintopkcs.pl NEW_PKCS_PASSWORD
- Change the ownership privilege, by running the command:
chown ncm:voyence $VOYENCE_HOME/conf/bundle.p12
- Copy the updated bundle.p12 file from Application server to the device server and update CERT_FILE location in the silent-install.properties.
- Restart vcmaster service.
- Execute the below commands in NCM Application server: