Skip to content
This repository has been archived by the owner on Nov 17, 2023. It is now read-only.

NUM‐CODEX DSF Upgrade From 0.4.0 to 0.5.2

Jump to bottom
Hauke Hund edited this page Dec 11, 2021 · 4 revisions

See NUM-CODEX Upgrade from 0.4.0 to 0.5.4 for the latest release.

TLDR: Backup your organization DSF identifier, certificates and private-keys, delete 0.4.0 and install 0.5.2 using NUM‐CODEX DSF 0.5.2 Deployment.

This guide is not suitable for HiGHmed organizations. If you are a member of HiGHmed, see HiGHmed Upgrade.

Upgrading from 0.4.0

Upgrading the DSF from 0.4.0 to 0.5.2 is essentially equivalent to a fresh installation. The following section lists files and parameters from the 0.4.0 installation you need to backup and then reuse in the 0.5.2 install. The requirements for virtual machines, docker, the network-setup between DSF FHIR server and DSF BPE server, firewalls (open ports) and the DMZ setup as well as client and server certificates from the DFN PKI have not changed.

Preparation

Certificates and Keys

  • Backup your DSF FHIR server server-certificate and the corresponding private-key from the DFN-PKI. You do not need to port any CA files since they are provided in the config .tar.gz file.

  • Backup your organizations client-certificate and the corresponding private-key from the DFN-PKI used in both the DSF FHIR and DSF BPE servers. If you do not have the original certificate.pem and private_key.pem files, but only the generated p12 file. You can extract the client-certificate and private-key from the p12 file. To extract the private-key:

    openssl pkcs12 -in client_certificate.p12 -nocerts -nodes | \
openssl pkcs8 -topk8 -v2 aes-128-cbc -v2prf hmacWithSHA256 -out client_certificate_private_key.pem

    The command above will ask for the password to the p12 file as well as a password to encrypt the key inside the new pem file.

    To extract the client-certificate:

    openssl pkcs12 -in client_certificate.p12 -nokeys -clcerts | openssl x509 -out client_certificate.pem

    The command above will ask for the password to the p12 file.

Organization-Identifier

  • Write down your DSF organizations identifier value (aka the shortest FQDN that resolves the main homepage of your organization) as well as the name of your organization from the FHIR bundle at /opt/fhir/app/conf/bundle.xml.

Remove 0.4.0

  1. Shutdown and remove the docker containers:

    • On your DSF BPE server execute from /opt/bpe 
      docker-compose down
    • On your DSF FHIR server execute from /opt/fhir 
      docker-compose down

  2. Delete or move the old docker-compose directory structures:

    • On your DSF BPE server execute 
      sudo mv /opt/bpe /opt/bpe_0.4.0
    • On your DSF FHIR server execute 
      sudo mv /opt/fhir /opt/fhir_0.4.0

Install 0.5.2

Follow the NUM‐CODEX DSF 0.5.2 Deployment guide.

Clone this wiki locally