Problem

We need to change the username, password and IP address of the database server which the SecureTransport nodes are using. What are the appropriate actions to do this?

Resolution

Before changing the configurations of the database server, all the ST services must be stopped with the $FILEDRIVEHOME/bin/stop_all command.

For versions 5.3.6 and above

Start the admin service only with $FILEDRIVEHOME/bin/start_admin.

Login to the Admin UI and go to Setup → Database Settings. You can change the Host, Port, User name, Password or DB name on that page. If you have set separate databases for Server Log and File Tracking, these can be changed under "Show Advanced Settings" as well.

ST will check if it can connect to the DB using the new values specified. If the connection is not successful the configuration will not be applied.

After all changes are done and the connection test returns "Connection to Oracle Database is successful." you can proceed and apply the change on the remaining cluster nodes one by one.

If the above procedure fails for some reason, proceed with the steps described in the selection of this article for versions ST 5.3.3 and below.

For versions 5.3.3 and below

Take a backup of the $FILEDRIVEHOME/conf/configuration.xml file.

Edit the file.

The DB connection settings are described in blocks similar to the below:

<Database_*Component databaseName="DB_NAME" databaseType="oracle" host="DB_ADDRESS" password="DB_PASSWORD_HASH" port="DB_PORT" user="DB_USERNAME" ...>

You can change the host, port, DB name and DB username in each component's block in the following parameters: host="DB_ADDRESS", user="DB_USERNAME", databaseName="DB_NAME" and port="DB_PORT".

Changing the password

The password needs to be hashed before changing it in the $FILEDRIVEHOME/conf/configuration.xml file. Follow the step below.

For Linux and UNIX

Source the /etc/fd/env.sh or /opt/Axway/Securetransport/profile.shSecureTransport (or the *.csh* version the scripts, depending on what Shell you are using). Examples:

source /etc/fd/env.sh

or

source $FILEDRIVEHOME/profile.shSecureTransport

Go to to $FILEDRIVEHOME/bin/utils and execute the following command:

aesenc [PASSWORD]

where [PASSWORD] is the new user's password in plain text. Copy the resulting hash in a new text file.

Go back to the $FILEDRIVEHOME/conf/configuration.xml file and paste the new hash in each component's block in the password="DB_PASSWORD_HASH" parameter.

Do not alter the truststore related line which is looking like the below
<databasetruststore password="PASSWORD_HASH" path="lib/certs/issuers/truststore" syncwithservertruststore="true"></databasetruststore>

For Windows

Open the Cygwin shell. Refer to KB 178648 for information how to launch and use the Cygwin shell.

Source the profile.shSecureTransport with the following command:

source ./profile.shSecureTransport

Go to to $FILEDRIVEHOME/bin/utils and execute the following command:

aesenc [PASSWORD]

where [PASSWORD] is the new user's password in plain text. Copy the resulting hash in a new text file.

Go back to the $FILEDRIVEHOME/conf/configuration.xml file and paste the new hash in each component's block in the password="DB_PASSWORD_HASH" parameter.

Do not alter the truststore related line which is looking like the below
<databasetruststore password="PASSWORD_HASH" path="lib/certs/issuers/truststore" syncwithservertruststore="true"></databasetruststore>

After saving the new settings in $FILEDRIVEHOME/conf/configuration.xml, check the network connectivity between ST and the database and start the ST services with $FILEDRIVEHOME/bin/start_all.

Verify that the server operates normally and repeat the above steps on each remaining node of the cluster.