Disable rotation and remove high-availability on CipherTrust Manager

Before upgrading a CipherTrust Manager cluster, ensure the nodes are synchronized, disable key rotation, and break the high-availability (HA) configuration to remove the cluster from HA mode.

Before you begin 

Back up all CipherTrust Manager nodes before proceeding.

Procedure 

  1. On the primary node, open a web browser and navigate to the CipherTrust Manager Web Interface (Web UI).

    Example: https://ciphertrustPrimaryHostname

  2. Confirm that the cluster is connected and synchronized.

    1. Sign in to Web UI using a root domain account.

    2. Go to Admin Settings > Cluster.

    3. From the list of nodes, ensure that the primary and secondary nodes show as green and have the Ready status.

    CipherTrust nodes in sync.

  3. Disable key rotation on the primary KMS node:

    1. Sign in to Web UI using a WFO domain account.

    2. Go to Admin Settings > Schedules.

    3. Find the schedule named Auto_Schedule.

    4. Select the ... menu and choose Disable Schedule.

    5. Confirm that the key rotation schedule is disabled on both nodes.

      Disabling key rotation on the primary node also disables it on its high-availability pair, but it is important to verify that the change was applied before proceeding.

  4. Remove high availability:

    1. Sign in to Web UI using a root domain account.

    2. Go to Admin Settings > Cluster.

    3. Select the secondary node, select the ... menu, and then choose Remove Node.

    4. Select the Manage cluster button, then select Delete Cluster Configuration.

What to do next 

Download Verint KB upgrade package