Menu
▾
▴
Re: [Ejbca-develop] Problem migrating EJBCA
|
From: Duarte S. <dua...@se...> - 2013-04-16 16:47:38
|
I was able to recover the CA keystore password I downloaded the source code for EJBCA version 3.8.0 and after grep'ing around I found the function loadKeystore(..., String keystorepass) in the class SoftCAToken. Then I decided to import the code into Eclipse, start JBoss in debug mode with the Eclipse debugger attached, a breakpoint in that function and bam, instant password recovery!! In the end the password itself would be easly cracked by a brute-force attack, but the way I did it as so much more style eheheh :P Best regards, Duarte Silva On Tuesday 16 April 2013 08:41:00 Tomas Gustavsson wrote: > There are always alternatives... > > I think you have many options depending on how much you know about > databases, or java programming etc. And how much time/money you want to > spend. > > If you want to migrate to another database: > > You can write a program to export database contents and import into > another database. You can find HSQLDB tools (don't know if there is > any?) to SQL dump the database contents to import into another database. > Or you can export the CAs and individual certificates to file (of not > too many) and import it all in a new installation using the EJBCA CLI. > > PrimeKey has some tools for the common criteria certified version of > EJBCA, EJBCA 5, that can be used to migrate between databases. > > Cheers, > Tomas > > On 04/15/2013 09:28 PM, Duarte Silva wrote: > > Hi David, > > > > the answer I was afraid of, specially because the older version > > installation is using a HSQLDB. There aren't any passwords defined in the > > config files and it's been a long time, I don't even remember what I have > > hate yesterday :| > > > > Is there an alternative way of exporting every CA and bulk export the > > entities to then re-import them in the new installation? > > > > > > Best regards, > > Duarte Silva > > > > On Monday 15 April 2013 14:51:00 David CARELLA wrote: > >> Hi Duarte, > >> > >> You can see the documentation in EJBCA_HOME/doc/RELEASE_NOTES and > >> UPGRADE for information about upgrading from an earlier version of EJBCA. > >> > >> To upgrade from 3.8.0, you will need to upgrade from 3.8.0 to 3.11.x, > >> then from 3.11.x to 4.0.14. > >> > >> Cheers, > >> David Carella > >> > >> On 04/15/2013 01:48 PM, Duarte Silva wrote: > >>> Hi all, > >>> > >>> I have been using EJBCA since 2008, it is a old version (3.8.0) and at > >>> the > >>> time the way the installation was done, wasn't the smartest. Now I'm > >>> trying to migrate the old system to the new version of EJBCA. > >>> > >>> I have installed the new version in a proper manner (with an actual > >>> database and so on) in a different machine and I'm now trying to migrate > >>> the CA's and Entities to the newly created system. > >>> > >>> Whats the best approach to do this migration? > >>> > >>> Thanks in advance, > >>> Duarte Silva > >>> > >>> ------------------------------------------------------------------------ > >>> -- > >>> ---- Precog is a next-generation analytics platform capable of advanced > >>> analytics on semi-structured data. The platform includes APIs for > >>> building apps and a phenomenal toolset for data science. Developers can > >>> use our toolset for easy data analysis & visualization. Get a free > >>> account! http://www2.precog.com/precogplatform/slashdotnewsletter > >>> _______________________________________________ > >>> Ejbca-develop mailing list > >>> Ejb...@li... > >>> https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > > > -------------------------------------------------------------------------- > > ---- Precog is a next-generation analytics platform capable of advanced > > analytics on semi-structured data. The platform includes APIs for > > building apps and a phenomenal toolset for data science. Developers can > > use our toolset for easy data analysis & visualization. Get a free > > account! http://www2.precog.com/precogplatform/slashdotnewsletter > > _______________________________________________ > > Ejbca-develop mailing list > > Ejb...@li... > > https://lists.sourceforge.net/lists/listinfo/ejbca-develop > > ---------------------------------------------------------------------------- > -- Precog is a next-generation analytics platform capable of advanced > analytics on semi-structured data. The platform includes APIs for building > apps and a phenomenal toolset for data science. Developers can use our > toolset for easy data analysis & visualization. Get a free account! > http://www2.precog.com/precogplatform/slashdotnewsletter > _______________________________________________ > Ejbca-develop mailing list > Ejb...@li... > https://lists.sourceforge.net/lists/listinfo/ejbca-develop |
