000012899 - AxM - Need ClearTrust 5.5.3 to Access Manager 6.0.4 upgrade information and files for Linux

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000012899
Applies ToAccess Manager 6.0.4
ClearTrust 5.5.x
Red Hat 4, SUSE 9 - 32 bit
Red Hat 5, SUSE 10 - 64  bit
IssueAxM - Need ClearTrust 5.5.3 to Access Manager 6.0.4 upgrade information and files for Linux
ClearTrust End Of Life is December of 2009 and customers require some tips on the upgrade process and the materials required. As with any installation and upgrade, the Installation and Configuration guides , readmes and release notes should be referenced as well.   Customers upgrading from 5.5.x to 6.0.4 on Linux platforms.

Instructions to upgrade from ClearTrust 5.5.x to Access Manager 6.0.4 for Linux
                        RHEL 4.0 ES, SUSE Linux ES 9 (32-bit)
                        RHEL 5.0 ES, SUSE Linux ES 10 (64 - bit)

One of the most important issues when upgrading from 5.5.x to 6.0.4 is the backend Schema changes.  With LDAP datastores, the original release of Access Manager 6.0 introduced an issue with the LDAP schema upgrade.  The Access Manager 6.0.4 patch kit and a corrected ldap_55_to_60.sh file are required to upgrade the LDAP schema.  Backup your datastore before performing any upgrades

This is the link to the full installation of Access Manager 6.0 for all platforms:

Optional components which are provided with Access Manager 6.0 are available at these links. They are not required for Access Manager operation:
BEA Weblogic9.2
RSA Certificate Manager 6.7

When running the Access Manager 6.0 server installation, the automated upgrades scripts will try and migrate the 5.5.3 settings to the new configuration, but may not be able to accommodate configuration files that have been heavily modified. A more successful result may be obtained by using the 6.0 configuration files and migrating the 5.5.3 settings over manually.  There are additional settings in the 6.0 files that were introduced as hot fixes and new features.

Manually copy over the keyserver.sec and keyclient.sec files from the $CT_HOME/var directory as well as the license.xml and optional Java JKS or p12 keystores that are in the $CT_HOME/conf directory.
Obtain and install the Access Manager 6.04 patch for the version of Linux required. It is available here:
RHEL 4.0 ES, SUSE Linux ES 9 (32-bit)

RHEL 5.0 ES, SUSE Linux ES 10 (64 - bit)

A new feature of Access Manager 6.0.4 provides support for RSA Adaptive Auth Server products.   The 6.04 pack provides additional jars which are specific to Adaptive Auth.  Copy all the jars in the /lib directory as instructed in the readme.txt and release notes that come with the 6.0.4 patch.

Re-deploy the latest Access Manager 6.0.4 admingui.war file. It is located in the /webapps directory of the 6.0.4 patch kit.   

Replace the java JRE located in $CT_HOME/jre directory installed by 6.0 with that provided with the 6.0.4 patch.  It is located in the /dst directory of the 6.0.4 patch kit.    The new jre provides support for all current DST requirements.
Obtain the corrected ldap_55_to_60.sh file to upgrade the LDAP schema.  Follow the schema update instructions in the Access Manager 6.0 upgrade.pdf file using this replacement ldap_55_to_60.sh file.
Note: If upgrading SQL schema then this file is not required. Use the sql schema update files supplied with the original Access Manager 6.0 install package.

Obtain the latest 6.0.4 hot fix of the components.  Currently only the cleartrust.jar has been updated. The latest Cleartrust.jar is available here:

Compare the startup script .sh  files in the $CT_HOME/bin directory in both  installs 5.5.3 and 6.0, especially the aserver.sh. Check the java heap setting ?Xmx, 128m is too low, 256 is the minimum. Use a higher value if found in the 5.5.3 settings.  Do not carry over any additional custom java directives for garbage collectors.  The 1.5 JRE used by Access Manager 6.0.4 has improved garbage collection facilities.



Legacy Article IDa44412