Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
tutorial:adm:server_os_updates [2019/12/16 14:03] fiserp [Things to consider] |
tutorial:adm:server_os_updates [2019/12/16 14:07] fiserp [Things to consider] |
||
---|---|---|---|
Line 19: | Line 19: | ||
* There **may be** some impact on connections the IdM makes in order to manage end systems. | * There **may be** some impact on connections the IdM makes in order to manage end systems. | ||
* Some end systems use SSL-secured form of communication and IdM needs to have their certificate in its Java truststore. If the truststore was improperly configured and gets regenerated (i.e. due to ``ca-certificates`` package update), all extra certificates are lost making SSL connections to end systems fail. This should not happen because IdM should use its own, explicitly created and configured, truststore. | * Some end systems use SSL-secured form of communication and IdM needs to have their certificate in its Java truststore. If the truststore was improperly configured and gets regenerated (i.e. due to ``ca-certificates`` package update), all extra certificates are lost making SSL connections to end systems fail. This should not happen because IdM should use its own, explicitly created and configured, truststore. | ||
- | * Some end systems that are connected via WinRM. The WinRM library uses Python and some of Python' | + | * Some end systems that are connected via WinRM. The WinRM library uses Python and some of Python' |
* Impact on OS | * Impact on OS | ||
- | * OS may seemingly not boot after the updates (boot or network issues, SSHd/RDP daemon issues). We recommend to have complete backup of ``/boot`` and ``/etc`` directories. Out-of-band access to a machine is a must. | + | * OS may seemingly not boot after the updates (boot or network issues, SSHd/RDP daemon issues). We recommend to have complete backup of ``/boot`` and ``/etc`` directories. Out-of-band access to a machine is a must. In case of virtualized environment, |
- | * In our deployments, | + | * In our deployments, |
* Packages from OS that IdM deployment uses | * Packages from OS that IdM deployment uses | ||
* Java (openjdk package referenced through ``/ | * Java (openjdk package referenced through ``/ |