New sining key

Hello,

 

Is there a way to change the sining keys on client computers also known as admin.pub file?

Answers

  • BenBen Posts: 2,640

    Hello Aleksandar,

    Could you precise what is the problem you are facing?

    Why you would like to change the administration key on your clients?

    Reinstallation of the client with a different administration key would be the one way to acheive what you are trying to do.

  • Hello,

     

    Here is the complete explanation of the problem:

     

    - instaled policy manager and exported .pub key

    - instaled client version with above mentioned key

    - reinstaled policy manager and maked new .pub key (configuration is the same, ip address, port, etc.) but the .pub configuration is not the same

    - instaled client version with new .pub key

    - issue here is that the clients with old .pub keys wont accept new policies made with new policy manager

     

    Is there a way just to replace existing .pub file so that old clients would accept new policies?

  • BenBen Posts: 2,640

    Hello Aleksandar,

     

    Thank you for your clarifications. During reinstallation of Policy manager you should always use the key pair formerly used. They should be backed up so that they can be reused when needed.

     

    If you still have them you can import them in the policy manager but then you will need to reinstall the lately installed clients because their key pair won't be working anymore. However the newly installed should be in limited amount.


    You may in any case want to open a support ticket so that we can help you with resolving your issue.

     

    Thank you.

     

  • Hello,

     

    Yes, I am aware of all backup strategies but when your hard drive dies just 3 days after you have put it into production there is no hope. Therefore I asked is there a way to bypass originaly generated .pub key and to replace it, and to awoid reinstaling the client stations.

    Nevertheless thank you on your promted replies, at least now I know what needs to be done. Reinstal...

     

    Best regards.

  • BenBen Posts: 2,640

    Hello Aleksandar,

     

    As the administration key-pair is there to enforce security it cannot be bypassed directly by replacing the file.

     

    In order to assist you best with your problem, I again advise you to open a ticket to our support.

     

    Don't hesitate to mentionned this thread as reference.

     

    Thank you.

This discussion has been closed.