Migrating, coexisting, and interoperating – Security considerations
This information addresses migrating a security configuration from a previous release of IBM WAS to WAS V6.1 or later.
If security is enabled in the previous release, obtain the administrative server ID and password of the previous release. This information is needed in order to run certain migration jobs.
You can optionally disable security in the previous release before migrating the installation. No logon is required during the installation.
Procedure
Use the First steps wizard to access and run the Migration wizard.
- Start the First steps wizard...
./app_server_root/profiles/profile/firststeps/firststeps.sh
- On the First steps wizard panel, click Migration wizard.
- Follow the instructions provided in the First steps wizard to complete the migration.
Results
The security configuration of previous WAS releases and its applications are migrated to the new installation of WAS V6.1.
What to do next
If a custom user registry is used in the previous version, the migration process does not migrate the class files that are used by the standalone custom registry in the previous directory...
app_server_root/classesTherefore, after migration, copy your custom user registry implementation classes to...
app_server_root/classesIf you upgrade from WAS, V5.x to WAS, V6.1, the data associated with V5.x trust associations is not automatically migrated to V6.1.
Vender-specific signer certificates, such as...
- VeriSign
- Thawte
... are no longer included in the default truststore for WAS. To have these signer certificates available after migration, import them into the Application Server.
To import signer certificates using the administration console, navigate to...
Security | SSL certificate and key management | Key stores and certificates | CellDefaultTrustStore | Signer certificates | Add