Index | Prev | Next

Host upgrade

Pitfalls to be aware of before upgrading a host.
 NOTE: Before you upgrade a station, store the Sentience system’s public and private keys in a secure location. 

If you install a clean distribution file on a JACE during the upgrade, you will lose the key pair (the Sentience system’s public and private keys) that enable the station to connect to the cloud even after installing the cloud connector with the same System ID.

When upgrading a host, it is not necessary to install a clean distribution file on JACE; this is only needed when you are downgrading a JACE to an earlier version of Niagara. If you do not install a clean distribution file on the JACE, and you leave the station in place, it should retain the key pair and reconnect after the upgrade with no problem.

If you need to install a clean distribution file on the JACE, you will need to save the keys. To save the keys:

  1. In the station, click Services > PlatformServices > CertManagerService
  2. On the User Key Store tab, locate the key for the station. This will have an alias in a specific format (see the table below).
  3. Select the key and click Export to export it.
    1. Be sure to click to select both checkbox options: Export the public certificate and Export the private key.

      Also, you may want to select the option to Encrypt the exported private key and provide a password, particularly if this is a production system.

    2. Click OK and then Save the key as a .pem file somewhere accessible to you.

Alias name

Note the alias name. It is important that you install the CloudConnector key with the exactly correct alias name, because that is what the connector will look for. If it cannot find the name exactly as it expects, it will create a new key with the correct alias, and will not be able to connect as this key is not what is registered with the cloud identity provider.

 NOTE: The alias name is used as the suggested file name for the .pem file. Note, that this may not be an allowed filename, so you may have to change the name. If so, make sure to note the alias name. For example, the alias generally will contain colon (':') characters, which are not allowed for the filename. You will probably need to change these to underscores to save the filename. It is important to change the underscores (or whatever substitution character you use) back to colons when importing the key into the alias. 

The correct Cloudconnector Key Alias format depends on the installation type, as shown in the following table.

Niagara Version / Product Alias Format Subject See Note
Non-ForgeConnect Gateway (JACE, Supervisor) cloud_n4:<station-name>:<host-id> N4:<station-Name>:<host-id> 1, 2, 4
ForgeConnect Gateway cloud_guid:<station-guid> GUID:<station-guid> 3
  1. <station-name> = Station Name, with lowercase letters and underscores ( _ ) replaced with hyphens ( - )
  2. <station-Name> = Station Name, with original case, and underscores ( _ ) replaced with hyphens ( - )
  3. <station-guid> = Station unique GUID (lowercase hexadecimal characters and hyphens only), used as a unique identifier for platforms with shared host ids
  4. <host-id> = Platform Host ID

Once the upgrade is completed, reinstall the keys BEFORE starting the station:

  1. With the station idle, open a platform connection and click Certificate Management > User Key Store view.
  2. Ensure there are no keys with the alias you need to use. Delete them if needed.
  3. Click Import.
  4. Select the .pem file you exported before upgrading and click Open. Enter the password if needed.
  5. In the Certificate Import dialog, make sure to enter the station name alias EXACTLY as it is expected from the table above for the key, if you used a filename other than the suggested one (which matches the station name). Click OK when finished.
  6. Start the station.
 NOTE: Alias Name is important. Make sure that the alias name used for the key import is correct, according to the table above. You may need to recall the alias name saved from the key export, if the filename does not match the required alias name. 

If you already cleaned your JACE

If you have already cleaned your JACE, then the keys for the CloudConnector are lost. You need to contact Technical Support to get your station de-registered, so you can re-register it with Niagara Cloud. Note that this will give you a new registration which is not connected to the old data. It may be possible to connect the old data to the new data with support from the Digital Operations team.

Related Links

  • Maintenance (Parent Topic)

    • Index | Prev | Next