Category: System maintenance notice
Context: Certificate authority
The Certificate Authority store needs to be backed up
Machines that hold the Certificate Authority (CA) role have a CA Store, a directory on the local filesystem that contains critical data for the operation of the certificate authority. Because these data are sensitive and, if compromised, could be used to gain unauthorized access to FireMon Security Manager data, they are stored in an encrypted form. The keys for encryption of these sensitive files are derived from machine-specific properties, meaning they can only be accessed on the machine where they were originally created.
To prevent data loss in the event of hardware failure or other circumstances that may render the original machine unusable, FMOS includes a special command, fmos ca backup, that will back up the CA store using a user-specified passphrase to derive encryption keys. This command should be run manually by a user with the FMOS Administrator privilege to obtain a portable backup that can be copied to archive storage.
If the CA backup is out of date, or one has never been created, the entire FMOS ecosystem is at risk of data loss. If the machine that holds the CA role experiences a hardware problem or otherwise experiences an issue that requires FMOS to be reinstalled, communication with other machines in the ecosystem will be broken. All other machines will have to be reinstalled and re-added to the ecosystem as well.
This warning appears in one of two circumstances:
The CA store has never been backed up
The CA store index has been modified (e.g. because a new certificate was issued) since the last time the CA store was backed up
CA store backups can only be created interactively. They are not included in application backups (i.e those created with the fmos backup command).
To resolve this warning, a new backup of the certificate authority database should be made. The fmos ca backup command is is available to create an encrypted backup of the CA store:
fmos ca backup fmos-ca_$(date +%Y%m%d).tar.xz
The newly created backup file should be copied to a remote storage location (e.g. by using scp or sftp) to ensure that it will be available in case the local storage on the CA machine becomes unavailable.
The warning will be cleared automatically after a new backup has been created.