-
Notifications
You must be signed in to change notification settings - Fork 20
NUM‐CODEX DSF Upgrade From 0.4.0 to 0.5.2
See NUM-CODEX Upgrade from 0.4.0 to 0.5.4 for the latest release.
TLDR: Backup your organization DSF identifier, certificates and private-keys, delete 0.4.0 and install 0.5.2 using NUM‐CODEX DSF 0.5.2 Deployment.
This guide is not suitable for HiGHmed organizations. If you are a member of HiGHmed, see HiGHmed Upgrade.
Upgrading the DSF from 0.4.0 to 0.5.2 is essentially equivalent to a fresh installation. The following section lists files and parameters from the 0.4.0 installation you need to backup and then reuse in the 0.5.2 install. The requirements for virtual machines, docker, the network-setup between DSF FHIR server and DSF BPE server, firewalls (open ports) and the DMZ setup as well as client and server certificates from the DFN PKI have not changed.
-
Backup your DSF FHIR server server-certificate and the corresponding private-key from the DFN-PKI. You do not need to port any CA files since they are provided in the config .tar.gz file.
-
Backup your organizations client-certificate and the corresponding private-key from the DFN-PKI used in both the DSF FHIR and DSF BPE servers. If you do not have the original certificate.pem and private_key.pem files, but only the generated p12 file. You can extract the client-certificate and private-key from the p12 file. To extract the private-key:
openssl pkcs12 -in client_certificate.p12 -nocerts -nodes | \ openssl pkcs8 -topk8 -v2 aes-128-cbc -v2prf hmacWithSHA256 -out client_certificate_private_key.pem
The command above will ask for the password to the p12 file as well as a password to encrypt the key inside the new pem file.
To extract the client-certificate:
openssl pkcs12 -in client_certificate.p12 -nokeys -clcerts | openssl x509 -out client_certificate.pem
The command above will ask for the password to the p12 file.
- Write down your DSF organizations identifier value (aka the shortest FQDN that resolves the main homepage of your organization) as well as the name of your organization from the FHIR bundle at
/opt/fhir/app/conf/bundle.xml
.
-
Shutdown and remove the docker containers:
- On your DSF BPE server execute from
/opt/bpe
docker-compose down
- On your DSF FHIR server execute from
/opt/fhir
docker-compose down
- On your DSF BPE server execute from
-
Delete or move the old docker-compose directory structures:
- On your DSF BPE server execute
sudo mv /opt/bpe /opt/bpe_0.4.0
- On your DSF FHIR server execute
sudo mv /opt/fhir /opt/fhir_0.4.0
- On your DSF BPE server execute
Follow the NUM‐CODEX DSF 0.5.2 Deployment guide.