How to migrate sensors to a different EDR server
sudo tar -cvpzf /etc/cb/certs/cb-certs-backup.tar.gz /etc/cb/certs
chown root:cb /etc/cb/certs/cb-server* /etc/cb/certs/cb-client-ca* chmod 644 /etc/cb/certs/cb-server* /etc/cb/certs/cb-client-ca*
/usr/share/cb/cbinit
sudo chmod 770 import_cert.py sudo ./import_cert.py --execute
Traceback (most recent call last): File "./import_cert.py", line 3, in <module> from cb.core.certificates import HttpsProxy ImportError: No module named cb.core.certificates
chmod o+x import_cert.py sed -i.bak 's/\r$//' import_cert.py sudo ./import_cert.py
#!/usr/share/cb/virtualenv/bin/python from cb.core.certificates import HttpsProxy from cb.utils import Config from cb.utils.db import db_session_context from cb.utils import get_utcnow_with_tzinfo from cb.db.core_models import ServerCert from cb.utils.cb_ssl import SSLCertAndKey import argparse import sys def get_args(): parser = argparse.ArgumentParser() parser.add_argument('-c', '--config', action="store", default="/etc/cb/cb.conf", help="Path to the cb.conf file.") parser.add_argument('-e', '--execute', action="store_true", default=False, help="Perform update instead of just a dry run.") return parser.parse_args(sys.argv[1:]) def print_separator(text): text = text.split('\n') length = 20 for line in text: length = max(len(line), length) print('-' * length) def update_cert(config, dry_run=True): if config.UnifiedViewEnabled: print("Cannot run on unified view server.") exit() with db_session_context(config) as db_session: proxy = HttpsProxy(config) keys = proxy.get_default_key_pair() cert = db_session.query(ServerCert).filter(ServerCert.is_default == True).one() if not cert: print("No default certificate found.") exit() print("Public Key before update:") print_separator(cert.x509_cert) print(cert.x509_cert) cert.enabled = True cert.is_default = True cert.name = "Legacy" cert.added_time = cert.changed_time = get_utcnow_with_tzinfo() cert_and_key = SSLCertAndKey.load_from_string(keys.public, keys.private) cert.x509_cert = keys.public cert.private_key = keys.private cert.fingerprint = cert_and_key.fingerprint(as_text=True) cert.thumbprint = cert_and_key.thumbprint(as_text=True) cert.subject = cert_and_key.subject(as_text=True) cert.server_name = "" cert.not_valid_before = cert_and_key.not_valid_before() cert.not_valid_after = cert_and_key.not_valid_after() cert.self_signed = cert_and_key.self_signed() print("Public Key after update:") print_separator(cert.x509_cert) print(cert.x509_cert) if dry_run: db_session.rollback() print("This was a dry run. To commit changes, run with --execute option.") else: db_session.commit() print("Default certificate imported into the database.") if __name__ == "__main__": args = get_args() config = Config() config.load(args.config) update_cert(config, not args.execute)