Previous Topic: Replication Properties on the ReplicaNext Topic: Virtual Machine Properties

Setting PropertiesSetting Master and Replica PropertiesUnderstanding Replica PropertiesReplication Properties on the ReplicaChange the Engine Security Method

Change the Engine Security Method

Arcserve RHA Engine uses a predefined security method. However, if you set the Replica property Encrypt Data During Transfer to On, you can also change the default SSL self-signed certificate, RSA private key and cipher list to use your own security parameters in the Engine configuration file. The Engine configuration file that contains the security method is ws_rep.cfg.

To change the Engine security method

  1. If there are running scenarios that are currently using the Engines for which you want to change the security method, stop them through Arcserve RHA Manager.
  2. Log in to the Master and Replica host where the Engine is running.
  3. In the Services dialog, stop the Engine service on both the Master and Replica servers.
  4. Using Windows Explorer, browse to Engine installation directory, where the ws_rep.cfg file is located.

    Note: The default installation directory is: C:\Program Files\CA\Arcserve RHA\Engine.

  5. Open the ws_rep.cfg file with WordPad or another text editor.

    Note: We do not recommend using Notepad, due to its limited view options.

  6. Do the following in the ws_rep.cfg file:
    1. Find the # SSLSelfSignedCertificate = "[INSTALLDIR]/cacert.pem" section.
    2. Change the SSLSelfSignedCertificate = "[INSTALLDIR]/cacert.pem" to reflect the name of the SSL self-signed certificate that you want to use and remove the # symbol at the beginning of the line.
    3. Find the # SSLRSAPrivateKey = "[INSTALLDIR]/cakey.pem" section.
    4. Change the SSLRSAPrivateKey = "[INSTALLDIR]/cakey.pem" to reflect the name of RSA private key that you want to use and remove the # symbol at the beginning of the line.
  7. Save the ws_rep.cfg file.

    Important! While the configuration files on the Master and Replica servers can be different, you must ensure that the parameters you use to change the security method be identical in both the Master and Replica servers' ws_rep.cfg file.

    The Engine security method is changed in the ws_rep.cfg file.

  8. Start the Engine Service on both the Master and Replica.
  9. Open the Manager, highlight the scenario, and restart it.

Note: If the SSL self-signed certificate and RSA private key fail to load, the default setting is used and a warning message will display in the Arcserve RHA Manager.