- After signing in via CLI, an alert is seen stating: ALERT: The Certificate Authority store needs to be backed up
This alert can be caused by the following:
- The CA store has never been backed up
- The CA store index has been modified (e.g. because a new certificate was issued) since the last time the CA store was backed up
To back up the CA store use the following command. This command will have to be ran by an FMOS administrator.
fmos ca backup /path/to/file
Where file is the name chosen for this backup file. This name is user specified. A user specified passphrase will also need to be created. DO NOT LOSE this passphrase or the CA backup file is useless. This will create a backup file for your FMOS CA.
The above will SCP transfer this file to a server of your choosing. This file can also be transferred using any file transfer program as well.
In this example, a VM with an FQDN of Pruitte.firemon.local was used.
Copied over the first line of the commands listed above, entered a passphrase, and confirmed its spelling.
Modified the second line to match my FQDN and storage location of the target destination:
scp fmos-ca.tar.xz Pruitte.firemon.local:/var/tmp/