Restoring Encryption Management Server Backups larger than 2GB
search cancel

Restoring Encryption Management Server Backups larger than 2GB

book

Article ID: 153318

calendar_today

Updated On:

Products

Encryption Management Server Gateway Email Encryption

Issue/Introduction

Due to a limitation of Apache, it is not possible to restore backups of 2GB or greater using the Encryption Management Server (previously PGP Universal Server) administrative interface.  To restore backups larger than 2GB requires accessing the server from the command-line interface.

Accessing the Symantec Encryption Management Server (SEMS) command line for read-only purposes (such as to view settings, services, logs, processes, disk space, query the database, etc) is supported. However, performing configuration modifications or customizations via the command line may void your Symantec Support agreement unless the following procedures are followed.

Any changes made to the server via the command line must be:

  • Authorized in writing by Symantec Support.
  • Implemented by a Symantec Partner, reseller or Symantec Technical Support.
  • Summarized and documented in a text file in /var/lib/ovid/customization on the PGP Universal Server itself.

Changes made through the command line may not persist through reboots and may be incompatible with future releases. Symantec Technical Support may also require reverting any custom configurations on SEMS back to a default state when troubleshooting new issues.

Resolution

To restore an *encrypted* backup larger than 2GB in size:

  1. Copy the most current backup file of Symantec Encryption Management Server to a network drive or other location.
  2. Export the Organization Key of the server from the administrative interface.

    Note: It is important to export the full keypair with no passphrase (Select Export Keypair and then click Export Keypair, but leave the passphrase field blank). Entering the passphrase will cause the restore process to fail.
     
  3. Install Encryption Management Server from the .iso image.
  4. Import your SSH key to the server.
  5. Copy the Organization keypair to the server with WinSCP and save the copy in the same location as your backup you will be restoring.
  6. Connect to the server with WinSCP and copy the backup to the /var/lib/ovid/backups/ directory on the server.
  7. Access the server via SSH. For more information on accessing the server via SSH, see article https://knowledge.broadcom.com/external/article?articleId=153592 
  8. Run pgpbackup --restore <backupfile.pgp> --key <orgkeyfile.asc> --done
  9. When the restore operation has completed, the Login page should be displayed.  Login and click around each of the tabs to ensure things are looking good.
  10. Reboot the server.

 

 

 

To restore an *unencrypted* backup larger than 2GB in size:

  1. Copy the most current backup file of Symantec Encryption Management Server to a network drive or other location
  2. Install Encryption Management Server from the .iso image.
  3. Import your SSH key to the server.
  4. Connect to the server with WinSCP and copy the backup to the /var/lib/ovid/backups/ directory on the server.
  5. Access the server via SSH. For more information on accessing the server via SSH, see article https://knowledge.broadcom.com/external/article?articleId=153592 
  6. Run pgpbackup --restore <backupfile.pgp> --done
  7. When the restore operation has completed, the Login page should be displayed.  Login and click around each of the tabs to ensure things are looking good.
  8. Reboot the server.

 

 

Additional Information

180249 - HOW TO: Configure the Backup Location and schedule for Encryption Management Server

180196 - HOW TO: Backup the Organization Key on Symantec Encryption Management Server

153588 - Restore Backup files to Symantec Encryption Management Server (PGP Server)

 

 

 

Powered by Wolken Software