Upgrade from Release 8.x

You can upgrade the existing  releases (such as 8.0, 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3, 8.2, 8.2.1, or 9.0) to 9.0.02 based on your product deployment (CA Risk Authentication and CA Strong Authentication).
aatest
You can upgrade the existing 
Advanced Authentication
 releases (such as 8.0, 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3, 8.2, 8.2.1, or 9.0) to 9.0.02 based on your product deployment (CA Risk Authentication and CA Strong Authentication).
The steps discussed in this topic enables you to upgrade to CA Advanced Auth 9.0 only. To upgrade to 9.0.01 and 9.0.02, you must first upgrade your product to 9.0 and then apply the 9.0.01 or 9.0.02 patch.
Instructions on how to apply the patches are detailed in the following topics:
 
 Note
 As part of 9.0.01 and 9.0.02 patch,only CA Adapter package was shipped. 
Please review the Upgrade Checklist before you perform the upgrade.
 
 
Before you upgrade,
  • (For Linux) Ensure you source arwfenv to set environment variables.
  • Ensure the ARCOT_HOME is set. 
The existing schema must not be altered to ensure a smooth upgrade.
Upgrade to CA Strong Authentication 9.0 
 The following steps will only enable you to upgrade to CA Strong Authentication version 9.0. To upgrade to 9.0.01 and 9.0.02 patches, refer to the bullet links mentioned at the start of this page.
You can upgrade CA Strong Authentication in one of the following ways:
Upgrade to CA Strong Authentication 9.0 in an Existing System
 
(Following steps are not applicable for upgrading to 9.0.01 and 9.0.02 patches)
 
Extract the contents of the CA-StrongAuthentication-<platform>-<version>-installer.zip file on your machine that hosts the 8.x version of CA Strong Authentication and perform the following upgrade steps:
 
For Windows and Linux
 
  1. Create a backup of the entire ARCOT_HOME folder and the database.
  2. Stop CA Strong Authentication Service.
  3. Navigate to the extracted folder CA-StrongAuthentication-<version>, run the installer, and complete the installation.
     
    (for Windows)
     execute CA-StrongAuthentication-<version>-Windows-Installer.exe
    (for Linux)
     execute CA-StrongAuthentication-<version>-Linux-Installer.bin 
  4. During the upgrade, the Installer 9.0 has a provision to automatically initiate the DB scripts and start the services. When you unselect the automatic option, execute the following db scripts manually in the database machine:
    1. db-config-for-common-8.x-to-9.0.sql
      db-config-for-strongauth-8.x-to-9.0.sql
    • When you execute the above 
      common SQL file
      , ignore the following error/warning message:
      Warning: Procedure created with compilation errors.
      Elapsed: 00:00:01.82
      ADAT_SCHEMA:UDB00203>show errors
      Errors for 
      PROCEDURE ARUDSLDAPREPOSITORYCONFIG_BLOB
      Warning: Procedure created with compilation errors.
      Elapsed: 00:00:00.17
      ADAT_SCHEMA:UDB00203>show errors
      Errors for 
      PROCEDURE ARUDS_UPDATE_BLOB
       
     
     
    • When you execute the above 
      Strong Authentication SQL file
      , ignore the following warning messages:
      Warning! The maximum key length is 900 bytes. The index 'PK_ARWFINSTANCES' has maximum length of 1536 bytes. For some combination of large values, the insert/update operation will fail.
      Warning! The maximum key length is 900 bytes. The index 'UN_ARWFPROTOCONFIG_INSTIP_PORT' has maximum length of 1540 bytes. For some combination of large values, the insert/update operation will fail.
  5. Manually execute the db-config-for-strongauth-8.x-to-9.0-upgrade-script.sql file in the database machine. 
    • Execution time varies based on the amount of data present in the CA Strong Authentication Audit Log Tables.
    • Live transactions are not logged in the audit log tables while the script is running.
  6. Stop application server and redeploy the following war files from ARCOT_HOME.
    \java\webapps\arcotadmin.war
    \java\webapps\arcotuds.war
    \java\webapps\aa-restapi.war
    \samples\java\ca-strongauth-sample-application.war
  7. Restart the application server and verify for the following message in /logs/arcotadmin.log
    Arcot Administration Console Configured Successfully. 
  8. (For Windows only) When you select Start the Services, CA Strong Authentication service starts. When you unselect the automatic option, start the services manually. 
  9. Launch 
    Advanced Authentication
     administration console and verify for the successful login.
Performance Improvement Recommendation
To improve performance, remove the existing indexes from the database as detailed in the following table:
Component
Table
Index
Index on Column
 Common 
ARUDSCONFIGAUDITLOG
ARUDSORGANIZATIONAUDITLOG
ARUDSUSERAUDITLOG
ARADMINAUDITTRAIL
IDX_ARUDSCONFIGAUDITLOG_TXTS
IDX_ARUDSORGAUDITLOG_TXTS
IDX_ARUDSUSERAUDITLOG_TXTS
IDX_ARADMINAUDITTRAIL_TS
TXTIMESTAMP
TXTIMESTAMP
TXTIMESTAMP
TIMESTAMP
Strong Authentication
ARWFADMINAUDITLOG
ARWFSVRMGMTAUDITLOG
ARWFISSUANCEAUDITLOG
ARWFAUTHAUDITLOG
IDX_ARWFADMINAUDITLOG_DC
IDX_ARWFSVRMGMTAUDITLOG_DC
IDX_ARWFISSUANCEAUDITLOG_DC
IDX_ARWFAUTHAUDITLOG_DC
DATECREATED
DATECREATED
DATECREATED
DATECREATED
Risk Authentication
ARRFSYSAUDITLOG
ARRFUPLOADAUDITLOG
ARRFINSTANCEAUDITLOG
ARRFCASEAUDITLOG
ARRFSYSAUDITLOG_3DSECURE
IDX_ARRFSYSAUDITLOG_DL
IDX_ARRFUPLOADAUDITLOG_UDT
IDX_ARRFINSTANCEAUDITLOG_OT
IDX_ARRFCASEAUDITLOG_DC
IDX_ARRFSYSAUDIT3D_DL
DATELOGGED
UPLOADDATETIME
OPERATIONTIME
DTCREATED
DATELOGGED
Upgrade to CA Strong Authentication 9.0 in a Fresh System 
 
(Following steps are not applicable for upgrading to 9.0.01 and 9.0.02 patches)
 
When you select a new system for 
Advanced Authentication
 components installation, to map your servers to an existing 8.x database, perform the following steps:
 
For Windows and Linux
 
  1. Create a backup of your 8.x database.
  2. Navigate to the extracted folder CA-StrongAuthentication-<version>, run the installer, and complete the installation.
    (for Windows)
     execute CA-StrongAuthentication-<version>-Windows-Installer.exe
    (for Linux)
     execute CA-StrongAuthentication-<version>-Linux-Installer.bin 
    For more installation steps, see Perform a Complete Installation of CA Strong Authentication. The wizard or console does not prompt you to perform the following steps:
    - Configure the Database Scripts
    - Perform Bootstrapping
  3. Manually execute the following scripts in the database machine.
    db-config-for-common-8.x-to-9.0.sql db-config-for-strongauth-8.x-to-9.0.sql
    When you execute the above 
    Strong Authentication SQL file
    , ignore the following warning messages:
    Warning! The maximum key length is 900 bytes. The index 'PK_ARWFINSTANCES' has maximum length of 1536 bytes. For some combination of large values, the insert/update operation will fail.
    Warning! The maximum key length is 900 bytes. The index 'UN_ARWFPROTOCONFIG_INSTIP_PORT' has maximum length of 1540 bytes. For some combination of large values, the insert/update operation will fail. 
  4. Manually execute the db-config-for-strongauth-8.x-to-9.0-upgrade-script.sql file in the database machine. 
    • Execution time varies based on the amount of data present in the CA Strong Authentication Audit Log Tables.
    • Live transactions are not logged in the audit log tables while the script is running.
  5. Stop application server and redeploy the following war files from ARCOT_HOME.
    \java\webapps\arcotadmin.war
    \java\webapps\arcotuds.war
    \java\webapps\aa-restapi.war
    \samples\java\ca-strongauth-sample-application.war
  6. Restart the application server and verify for the following message in /logs/arcotadmin.log
    Arcot Administration Console Configured Successfully. 
  7. (For Windows only) When you select Start the Services, CA Strong Authentication service starts. When you unselect the automatic option, start the services manually. 
  8. Launch 
    Advanced Authentication
     administration console and verify for the successful login.
To improve performance, remove the existing indexes from the database as detailed in the  
Upgrade to CA Risk Authentication 9.0
 The following steps will only enable you to upgrade to CA Risk Authentication version 9.0. To upgrade to 9.0.01 and 9.0.02 patches, refer to the bullet links mentioned at the start of this page.
You can upgrade CA Risk Authentication in one of the following ways:
Upgrade to CA Risk Authentication 9.0 in an Existing System
 
(Following steps are not applicable for upgrading to 9.0.01 and 9.0.02 patches)
 
Extract the contents of the CA-RiskAuthentication-<version>.zip file on your machine that hosts the 8.x version of CA Risk Authentication and perform the following upgrade steps:
 
For Windows and Linux
 
  1. Create a backup of the entire ARCOT_HOME folder and the database.
  2. Stop CA Risk Authentication Service and CA Risk Authentication Case Management service.
  3. Navigate to the extracted folder CA-RiskAuthentication-<version>, run the installer, and complete the installation.
    (for Windows)
     execute CA-RiskAuthentication-<version>-Windows-Installer.exe 
     
    (for Linux)
     execute CA-RiskAuthentication-<version>-Linux-Installer.bin 
    For more installation steps, see Perform a Complete Installation.
  4. During the upgrade, the Installer 9.0 has a provision to automatically initiate the DB scripts and start the services. When you unselect the automatic option, execute the following db scripts manually in the database machine:
    1. db-config-for-common-8.x-to-9.0.sql
    2. db-config-for-riskauth-8.x-to-9.0.sql
    3. db-config-for-3dsecure-8.x-to-9.0.sql (only when you have created the 3D Secure Channel
    When you execute the above 
    common SQL file
    , ignore the following error/warning message:
    Warning: Procedure created with compilation errors.
    Elapsed: 00:00:01.82
    ADAT_SCHEMA:UDB00203>show errors
    Errors for 
    PROCEDURE ARUDSLDAPREPOSITORYCONFIG_BLOB
    Warning: Procedure created with compilation errors.
    Elapsed: 00:00:00.17
    ADAT_SCHEMA:UDB00203>show errors
    Errors for 
    PROCEDURE ARUDS_UPDATE_BLOB
     
  5. Manually execute the db-config-for-riskauth-8.x-to-9.0-upgrade-script.sql file in the database machine. 
    • Execution time varies based on the amount of data present in the CA Risk Authentication User Context Table.
    • Live transactions are not logged in the ARRFUSERCONTEXT table while the script is running.
  6. Manually execute the db-config-for-riskauth-8.x-to-9.0-upgrade-script.sql file in the database machine. 
    • Execution time varies based on the amount of data present in the CA Risk Authentication User Context Table.
    • Live transactions are not logged in the ARRFUSERCONTEXT table while the script is running.
  7. Stop application server and redeploy the following war files from ARCOT_HOME.
    \java\webapps\arcotadmin.war
    \java\webapps\arcotuds.war
    \java\webapps\ca-userprofiling-<version>-application.war
    \java\webapps\aa-restapi.war
    \java\webapps\risk-restapi.war
    \samples\java\ca-riskauth-sample-application.war
    \samples\java\ca-riskauth-sample-callouts.war
  8. Restart the application server and verify for the following message in ARCOT_HOME/logs/arcotadmin.log
    Arcot Administration Console Configured Successfully. 
     
  9. (For Windows only) Start CA Risk Authentication service and CA Risk Authentication Case Management service. When you select Start the Services, CA Risk Authentication service starts. When you unselect the automatic option, start the services manually.
  10. Launch CA Advanced Authentication administration console and verify for the successful login.
To improve performance, remove the existing indexes from the database as detailed in the  
Upgrade to CA Risk Authentication 9.0 in a Fresh System
 
(Following steps are not applicable for upgrading to 9.0.01 and 9.0.02 patches)
 
When you select a new system for 
Advanced Authentication
 components installation, to map your servers to an existing 8.x database, perform the following steps:
 
For Windows and Linux
 
  1. Create a backup of your 8.x database.
  2. Navigate to the extracted folder CA-RiskAuthentication-<version>, run the installer, and complete the installation.
  3.  
    (for Windows)
     execute CA-RiskAuthentication-<version>-Windows-Installer.exe 
     
    (for Linux)
     execute CA-RiskAuthentication-<version>-Linux-Installer.bin 
    Perform the steps explained in the Perform a Complete Installation section. The wizard or console does not prompt you to perform the following steps:
    - Configure the Database Scripts
    - Perform Bootstrapping
  4. Manually execute the following scripts in the database machine. 
    db-config-for-common-8.x-to-9.0.sql db-config-for-riskauth-8.x-to-9.0.sql db-config-for-3dsecure-8.x-to-9.0.sql (only when you have created the 3D Secure Channel) db-config-for-riskauth-8.x-to-9.0-upgrade-script.sql
    When you execute db-config-for-riskauth-8.x-to-9.0-upgrade-script.sql, remember that
    • Execution time varies based on the amount of data present in the CA Risk Authentication User Context Table.
    • Live transactions are not logged in the ARRFUSERCONTEXT while the script is running.
  5. Stop application server and redeploy the following war files from ARCOT_HOME.
    \java\webapps\arcotadmin.war
    \java\webapps\arcotuds.war
    \java\webapps\ca-userprofiling-<version>-application.war
    \java\webapps\aa-restapi.war
    \java\webapps\risk-restapi.war
    \samples\java\ca-riskauth-sample-application.war
    \samples\java\ca-riskauth-sample-callouts.war
  6. Restart the application server and verify for the following message in ARCOT_HOME/logs/arcotadmin.log
    Arcot Administration Console Configured Successfully. 
     
  7. Start CA Risk Authentication service and CA Risk Authentication Case Management service.
    (For Windows) When you select Start the Services, CA Risk Authentication service starts. When you unselect the automatic option, start the services manually.
  8. Launch 
    Advanced Authentication
     Administration console and verify for the successful login.
 
Important! 
The existing schema must not be altered to ensure a smooth 
Advanced Authentication
 upgrade.To improve performance, remove the existing indexes from the database as detailed in the