-
Task
-
Resolution: Done
-
Neutral
-
None
-
None
-
None
-
-
Empty show more show less
-
Empty show more show less
-
Docu Sprint 53, Docu Sprint 54
-
3
People have encountered problems with activation (due to changed private key?) on disposable installations on the cloud (could be Magnolia cloud or other cloud based solutions of on-premise-customers).
There is a approach how to overcome it. Let's document it.
Possible approach:
- Describe the situation as simple as possible. Reader should understand the issue.
- Which keys are where / on which instances.
- Which processes requires which kind of keys.
- Describe the use cases which may lead to issues
- Possibly corrupted / hacked system
- requires a new private key and the generation of a new public key
- Custom cloud based installation gets disposed & and re-setup again
- Back-up the private key upfront in order to reuse it again;
Automate backing-up and reusing of the private key - do not rely on Magnolia only in this case - Note that The Magnolia Cloud ensures that the private key is reused after disposal and re-setup
- Back-up the private key upfront in order to reuse it again;
- Possibly corrupted / hacked system
- Possible key issues & how to solve
- Public key has been generated on author; possible reasons: by accident; because the private key has changed
- Delete public keys manually on public nodes
- On the password app:
- Set the passwords again (they are hashed based on the public key)
- Publish the password nodes
- Private key must be replaced
- Make sure your system is well protected (platitude)
- regenerate the public key
- Execute the steps as explained above in the section Public key has been generated on author
- Public key has been generated on author; possible reasons: by accident; because the private key has changed
Audience
The target audience is system admins / developers using Magnolia.
Cloud
Since the Magnolia Cloud offering takes care for the environment - e.g. by creating backups which include a backup of the private key (in a file) and the public key (which is stored in JCR) - cloud users should not be affected.
However - there is one use case:
A cloud user accidentally hits the "Regenerate public key" button.
- The cloud user must contact support in order to delete the public keys on the public instances.
- The cloud user must re-enter all the passwords stored via password manager and publish the items of the password manager
On premise or custom/self-created-cloud-solution users
All above use cases may occur.
Acceptance criteria