CSSCurrent en:Disaster Recovery Procedure

Aus Cryptshare Documentation
Version vom 5. Juni 2024, 11:34 Uhr von Frorathm (Diskussion | Beiträge) (→‎Step 1: Set up a new Cryptshare Server)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu:Navigation, Suche



Preface

For recovering Cryptshare without data loss, a backup of its database and a copy of the upload folder are required. For a quick recovery process, it is also recommended to backing up the SSL certificate and the configuration of the Cryptshare Web Application. Backups of the database are created daily. We recommend backing up to a remote directory to ensure availability in the event of disasters where access to the local file system is no longer possible. On virtual machines the hypervisor’s fault tolerance options can be used for guaranteeing.

Backup

Depending on your use case, different recovery options are available.

Recovering from Backup Recovering from Snapshot
Cryptshare Hardware Appliance x
Cryptshare Virtual Appliance x x\*
Cryptshare custom installation on HW x
Cryptshare custom installation on VM x x\*

\*has to be configured in the Hypervisor. The following plans are matching the configuration of our Cryptshare Appliances and standard installation on Windows Server. On custom installations, the paths and settings of Cryptshare may vary. The following folders have to be backed up:

Cryptshare Appliances:

  • Backup folder:
    • `/var/opt/cryptshare-3/backup`
  • Upload folder:
    • `/var/opt/cryptshare-3/uploads`
  • Keystore containing your SSL certificate
    • `/opt/cryptshare-3/lib/security/keystore`
  • Design and configuration of your Cryptshare Web Application
    • `/opt/cryptshare-3/resources`

Standard installation on Windows Server:

  • Backup folder:
    • `C:\Program Files (x86)\befine solutions AG\Cryptshare\backup`
  • Upload folder:
    • `C:\Program Files (x86)\befine solutions AG\Cryptshare\upload`
  • Keystore containing your SSL certificate
    • `/opt/cryptshare-3/lib/security/keystore`
  • Design and configuration of your Cryptshare Web Application
    • `/opt/cryptshare-3/resources`

Recovery

Scenario 1: Activating a prepared Cold Standby appliance

For our Cryptshare Appliances, a cold standby scenario can easily be setup. Simply provide an additional Cryptshare Appliance in your environment and stop the Cryptshare service on it. Then copy the folders mentioned to the second appliance (APPLIANCE2) on a regular basis. For copying the folders to the second Cryptshare Appliance following commands can be used.

scp /var/opt/cryptshare-3/backup/\* root@APPLIANCE2:/var/opt/cryptshare-3/backup/
scp /var/opt/cryptshare-3/uploads/\* root@APPLIANCE2:/var/opt/cryptshare-3/uploads/
scp /opt/cryptshare-3/lib/security/keystore root@APPLIANCE2:/opt/cryptshare-3/lib/security/keystore
scp -r /opt/cryptshare-3/resources root@APPLIANCE2:/opt/cryptshare-3/
scp /opt/cryptshare-3/cs\_licence.txt root@APPLIANCE2:/opt/cryptshare-3/

In case of disaster adjust the network settings of the second appliance to match the first ones or change your DNS settings accordingly. Afterwards start the Cryptshare Service on the second appliance and import the latest backup.

Scenario 2: Start from scratch

Step 1: Set up a new Cryptshare Server

Option 1: As Virtual Appliance

Go to https://customer.pointsharp.com/en/support and follow the instructions to set up a new Cryptshare Appliance from scratch.

Option 2: As Self-Installed System on Linux or Windows

Go to Cryptshare customer portal or partner portal, log in and download the installer of your choice. Run the installer to set up the Cryptshare Server.

Step 2: Restore Backup

Option 1: On Linux (Virtual Appliance or Self-Installed system)

Copy the folders from the backup to the new Cryptshare Server using the following commands:

scp /var/opt/cryptshare-3/backup/\* root@APPLIANCE2:/var/opt/cryptshare-3/backup/
scp /var/opt/cryptshare-3/uploads/\* root@APPLIANCE2:/var/opt/cryptshare-3/uploads/
scp /opt/cryptshare-3/lib/security/keystore root@APPLIANCE2:/opt/cryptshare-3/lib/security/keystore
scp -r /opt/cryptshare-3/resources root@APPLIANCE2:/opt/cryptshare-3/
scp /opt/cryptshare-3/cs\_licence.txt root@APPLIANCE2:/opt/cryptshare-3/

Option 2: On Windows (Self-Installed system)

copy \[Cryptshare Installation Folder\]\\backup\\\* \[Cryptshare Installation Folder\]\\backup\\
copy \[Cryptshare Installation Folder\]\\uploads\\\* \[Cryptshare Installation Folder\]\\uploads\\
copy \[Cryptshare Installation Folder\]\\lib\\security\\keystore \[Cryptshare Installation Folder\] \\lib\\security\\keystore
copy \[Cryptshare Installation Folder\]\\resources \[Cryptshare Installation Folder\]\\
copy \[Cryptshare Installation Folder\]\\cs\_licence.txt \[Cryptshare Installation Folder\]\\

Step 3: Start up the machine