000020608 - What is a Replica Package and how to generate one in RSA ACE/Server running on UNIX platforms?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000020608
Applies ToRSA ACE/Server
RSA Authentication Manager
UNIX (AIX, HP-UX, Solaris)
Replica Package
IssueWhat is a Replica Package and how to generate one in RSA ACE/Server running on UNIX platforms?

A Replica Package is created on the RSA ACE/Server Primary by running the following command './sdsetup -package' from the $USR_ACE directory (/ace/prog). The Replica Package is used to update or add Replica Servers to an ACE/Server Realm.

The environment variables must be properly configured for the 'sdsetup -package' command to work, and there must not be any files or subdirectories in the $REP_ACE directory (/replica_package), additionally the /replica_package directory must exist at the location that the $REP_ACE environment variable indicates.

The default location for the /replica_package directory is $VAR_ACE/replica_package (/ace/data/replica_package). You must also be able to resolve the hostname and IP address of the Replica you wish to add, an entry in the hosts table will suffice. Please see the solution titled How to setenvironment variables for RSAACE/Server and RSA Authentication Manager.

The following Directories and files will be created in the $REP_ACE directory:

DIRECTORIES                  FILES                        PURPOSE

/database                        sdrepnodes.txt        A list of the replicas this replica package was built for.

        *                              sdserv.bi                  A binary information file used to ensure referential integrity.

        *                              sdserv.db                 The Administrative Database.

        *                              sdserv.lg                  The History of Database events from the Primary.

        *                              sdserv.vrs                Format Version information for the Database.


                                       license.rec                The ACE/Server license record.

                                       sdconf.rec                The Primary Server's configuration record
                                                                        The sdconf.rec requires modification on Replica's
                                                                        See solution titled How to install and activate RSAACE/ServerReplica on UNIX: QuickNotes

                                        sdti.cer                    Certificate of authenticity from RSA Security.

                                        server.cer                Local Certificate for Administrative authenticity.

                                       server.key                Key file used by Primary to verify server.cer on administrative workstations.


1. Change directory to ace/prog

2. Stop the ACE/Server  by running ./aceserver stop

3. Stop the Brokers by running ./sdconnect stop

NOTE: IF the folder /ace/data/replica_package exists remove that folder prior to next step.

4. Run ./sdsetup -package

5. You will be prompted "Do you want to add new Replicas before generating Replica Package (y/n) [n]".  Click Enter if you want to generate replica package for existing replica(s)

  a. You would now be notified either how many Replica(s) you have on your database or that you do not have any Replica(s) and need to first create one -- kindly refer to RSA install documentation on how to create a new replica.

6. You will be prompted "Do you want to generate Replica Package for all known replicas (y/n) [y]".  Click Enter if you would like to generate a replica package for ALL your replica(s), else press 'n' and 'Enter' to identify your replica(s) to generate a replica package for.

7. You will be prompted  'Name of replica:'. Enter the desired hostname press return.

8. You will be prompted  "You have specified replica name 'REPLICA NAME'" - confirm (y/n/q) [y]. Press Enter if correct.

9. You will be prompted 'Name of replica:'. Press Enter or add another Replica name

NOTE: When you are done identifying all your replica(s) targeted for replica package generation, do not type any information and press return to begin replica package generation

10. You will be prompted 'Have you entered all replicas you would like included in this package (y/n/q) [y]'. Press Enter.

11. Copy the contents of the $REP_ACE data directory on the primary to the $VAR_ACE directory on the replica

12. Start the ACE/Server on the primary and replica

Please see the solution titled How to tell the Primary and a Replica are synchronizing in RSA ACE/Server and RSA Authentication Manager and How to generate or push a Replica Package to one UNIX Replica at a time manually for further information.

You can use the Replica Package you have just generated only on the replica's you have specified. The applicable servers are listed in the sdrepnodes.txt file in the /replica_package/data directory.

NOTE: This process may be repeated at any time to add up to ten replicas total.

Legacy Article ID6.0.3480228.2928313