Backing Up and Restoring Components 33novdocx (en) 19 February 20107 Enter a password for encrypting and decrypting private keys, then re-enter for verification.You must use the same password for both backup and restore.8 Press Enter.The backup script creates a ZIP file containing several files, including the certificate information.This file contains the following: The configurations store’s CA key. The certificates contained in the configuration store. The trusted roots in the trustedRoots container of the accessManagerContainer object. An encrypted LDIF file, containing everything found in theOU=accessManagerContainer,O=novell container. A server.xml file containing the Tomcat configuration information for the AdministrationConsole.The trusted roots are backed up in both the LDIF file and the ZIP file. They are added to the ZIP fileso that the ZIP file has the complete certificate-related configuration.IMPORTANT: The backup utility prompts you for a location to store the backup file, so that it isnot erased if you uninstall the product. The default location is the logged-in user’s home directory.2.3 Restoring an Administration ConsoleConfigurationThe restore script replaces the configuration records in the configuration database with the recordsin the backup of the configuration store. It should be used to restore configuration data for one of thefollowing scenarios: An upgrade failed and you need to return to the configuration before the upgrade. You want to return to the backed up configuration because the current modified configurationdoes not meet your needs.The restoration steps are dependent upon whether the Administration Console is installed on its ownmachine or with other Access Manager components: Section 2.3.1, “Restoring the Configuration on a Standalone Administration Console or with aTraditional SSL VPN Server,” on page 34 Section 2.3.2, “Restoring the Configuration with an Identity Server on the Same Machine,” onpage 35 Section 2.3.3, “Restoring the Configuration with an ESP-Enabled SSL VPN Server,” onpage 36If the primary Administration Console machine has failed, you have lost both the configuration andthe configuration database. For this scenario, see Section 6.6, “Moving the Primary AdministrationConsole to New Hardware,” on page 94.The restore script cannot be used to move the Administration Console to a different platform, even ifthe new machine is configured to use the same IP address and DNS name. The backup files containspath information which is specific to the operating system. To move the Administration Consolefrom Linux to Windows or Windows to Linux, you need to install a Secondary Administration