Moving a server and credential store from one cluster to another existing cluster

Follow these steps to move a server and its credential store from one cluster to another existing cluster.

About this task

In this procedure, original server refers to the server you are moving and target server refers to one server in the cluster the server is moving to.

Procedure

  1. From the original server, use the following server console command to copy the server's credential store data to a database: 
     keymgmt export credstore <database> <target_server>
    where
    • <database> is the name of a database to create to store the data.
    • <target_server> is the Notes hierarchical name of a server in the cluster being moved to.
    For example: 
    keymgmt export credstore credstorecopy.nsf hubserver/renovations
  2. Copy the new database to the target server data directory.
  3. Rename the credstore.nsf file on the original server. For example, rename it credstore_orig.nsf
  4. Replicate credstore.nsf from the target server to the original server.
  5. From the target server, export the named encryption key in its server ID file and save it to a key file in the program directory: 
    keymgmt export nek <nekname> <nekname>.key <password>
    where <nekname> is the key name, <nekname>.key is the name of the key file to create, and <password> is a password for the key file.
    For example: 
    keymgmt export nek credstorekey credstorekey.key passw0rd
    Verify that you see a message similar to the following one indicating that the export was successful: 
    5558:0006-4A64] 06/12/2020 09:07:42.69 AM NEK > NEK credstorekey - Fingerprint A8C5 9018 C714 3F05 E574 93D9 5E70 005A 5371 4A71
[5558:0006-4A64] NEK credstorekey exported successfully
  6. Copy the key file from the target server program directory to the original server program directory.
  7. From the original server, import the named encryption key from the key file into the server ID file: 
    keymgmt import nek overwrite <nekname>.key <password>
    where <nekname>.key is the name of the key file and <password> is the password for the key file. For example: 
    keymgmt import nek overwrite credstorekey.key passw0rd
  8. From the target server, populate the target server credential store with the original server credential store data that you exported and copied in steps 1 and 2: 
    keymgmt import credstore <database>
    where <database> is the name of the database with the exported data. For example:
    keymgmt import credstore credstorecopy.nsf