Overview#

This page describes the process to backup a PKI server that can be restored in the future.

Backing up Server Files#

See Backing Up PKI Server.

Backing up LDAP Database#

To backup the main database:

$ db2ldif -V -Z localhost \
    -n userRoot \
    -a /var/lib/dirsrv/slapd-localhost/ldif/userRoot.ldif

To backup each subsystem database, check the database name used by each subsystem:

$ pki-server ca-db-config-show
  Hostname: localhost
  Port: 389
  Secure: false
  Authentication: BasicAuth
  Bind DN: cn=Directory Manager
  Bind Password Prompt: internaldb
  Database: ca
  Base DN: dc=ca,dc=pki,dc=example,dc=com
  Multiple suffix: false
  Maximum connections: 15
  Minimum connections: 3

Then execute the following command:

$ db2ldif -V -Z localhost \
    -n ca \
    -a /var/lib/dirsrv/slapd-localhost/ldif/ca.ldif

Note: The output directory must be writable by dirsrv user.

See Also#