The Deep Security console certificate may be removed after upgrading the Deep Security Manager (DSM).
During the Deep Security Manager (DSM) upgrade process, the files named .keystore and configuration.properties in the DSM installation folder will be backed up. Once the upgrade is completed, DSM will check the "keystorePass" parameter in the backup configuration.properties file with the backup .keystore file.
Below are three (3) possible scenarios that may occur:
- If the original keystore file path was "DSM Install path\.keystore", then the examination of keystorePass will be successful.
- If the original keystore file path was not "DSM Install path\.keystore", and there is no .keystore file, then the examination will fail. It happens because the .keystore file was not backed up. DSM will try to regenerate a new .keystore file and generate a new keystorePass.
- If the original keystore file path was not "DSM Install path\.keystore", and there is a .keystore file which is different from the original keystore file, the examination will also fail. It occurs since the keystorePass does not match the backup keystore file. DSM will try to regenerate a new .keystore file and generate a new passphrase.
For the second and third scenarios mentioned above, follow this workaround:
- Copy the keystoreFile and keystorePass from the "DSM Install path\backup\configuration.properties" file.
- Replace the keystoreFile and keystorePass in the "DSM Install path\configuration.properties" file.
- Restart the Deep Security Manager service.