Sometimes it might be useful to export resources like Components or Applications from a uDeploy installation and import to another one.
Let’s see how to do it and what problem we could deal with:
First of all let’s export our Component.
Click “Actions” beside the Component, then click “Export“.
Save your .json file
In the other uDeploy installation, go to Components, click the “Import Components” button and upload the .json file exported before.
At this point you could receive an import error.
Watch the uDeploy Server log. Can you see something like this?
2018-02-22 15:52:43,956 CET ERROR https-jsse-nio-0.0.0.0-8444-exec-9 com.urbancode.commons.util.crypto.algs.Crypt1Alg - Did not find any decoding key for name abc123keyxxx 2018-02-22 15:52:43,956 CET ERROR https-jsse-nio-0.0.0.0-8444-exec-9 com.urbancode.ds.web.util.UCDExceptionMapper - The import data contains encrypted values which could not be decrypted. Please ensure that the encryption key from the server which created this file has been added to this server. com.urbancode.air.i18n.TranslatableException: The import data contains encrypted values which could not be decrypted. Please ensure that the encryption key from the server which created this file has been added to this server
When you export the component, .json file contains a secure property the server encrypts before exporting. The server encrypts the secure value with its own encryption key.
So, to share components or applications that have secured properties, you need to exchange keys from each server’s encryption keystore.
On the first server, open a shell, and go to the server installation conf directory: eg.
/opt/ibm-ucd/server/conf/server
Find the value of the encryption.keystore.alias property in the installed.properties file.
For example:
encryption.keystore=../appdata/conf/encryption.keystore encryption.keystore.alias=abc123keyxxx
Run the following command to export the server key into a temporary keystore:
keytool -importkeystore -srckeystore encryption.keystore -srcstorepass srcPassword -srcstoretype jceks -alias abc123keyxxx -destkeystore temp.keystore -deststorepass tempPassword -deststoretype jceks
Copy the temporary keystore to the install/conf/
folder on the second server.
On the second server, open a command-line window, go to the server installation appdata/conf directory and run the following command to import the key of temporary keystore into the server keystore.
keytool -importkeystore -srckeystore temp.keystore -srcstorepass tempPassword -srcstoretype jceks -alias abc123keyxxx -destkeystore encryption.keystore -deststorepass destPassword -deststoretype jceks
The encryption key from the first server keystore is now on the second server keystore. As a result, the second server can now import abd decrypt components and applications from the first server.
Anyway you could face up to a new issue: For example if the first uDeploy was installed with IBM JDK (in this case the source keystore is created using an IBM JDK ), and the second uDeploy is installed using OpenJDK or Oracle JDK import result could be something like:
keytool error (likely untranslated): java.io.IOException: com.sun.crypto.provider.SealedObjectForKeyProtector
One solution? Reinstall the second uDeploy with the same JDK of the first one.
Help us to find more solutions…
Enjoy!