The HYPR services now require Java 11 to run. Please make sure Java 11 is the default on the server by installing as follows:
- Remove existing Java install(s):
yum list installed | grep jdk | xargs sudo yum remove -y
- Install Java 11:
sudo yum install java-11-openjdk-devel.x86_64 -y
HYPR uses Python scripts for a more robust install process. If Python 3 is not present, install using:
sudo yum install -y python3
Note that Python is not needed during runtime.
- Vault properties have been consolidated under the
- The install process and
env.shconfig file are unchanged. The Install process will write the new
controlCenterConfigV68Pluskey into Vault. The existing keys will be left as is, but are not used any more.
- Vault properties are documented here https://docs.hypr.com/installinghypr/page/server-propeprties
- Configuration settings which are changed via the Control Center UI (such as License, Proxy, and SSL Pinning) are no longer stored in Vault. Instead, these settings are now stored in the
rp_server_configdatabase table. This will avoid situations where the license or other settings are lost because Vault was reset.
Because these settings have been moved from Vault to the database they will need to be reapplied via the Control Center UI after the 6.8 upgrade.
Any existing Control Center extensions that use the
DeviceDeregistrationExtensionPoint endpoints will need to be recompiled to work with the 6.8 release due to changes in the
Code changes required:
- Modify the following import statements if used:
- Change the Control Center Extension API version in your
<!-- HYPR --> <dependency> <groupId>com.hypr.server</groupId> <artifactId>cc-extension-api</artifactId> <version>6.8.0</version> <!-- IMPORTANT - provided the CC --> <scope>provided</scope> </dependency> <!-- END HYPR -->
Before You Start
Please make a full backup of the database before upgrading. If you run into issues, you can restore from the backup.
Back up the current
<install dir> by making a copy to
Shut down dependencies and services:
Switch to the
<install dir> and remove the existing WAR files:
rm -f CC/CC-*.jar UAF/HYPR-*.war FIDO2/fido2-*.war
Un-tar the new
<install pkg> (ServerInstaller-*.tar.gz) in the current
# Un-tar install pkg, overlay on existing # Do not overwrite the nginx certs (hyprServer.crt, hyprServer.key) # HYPR_GROUP:HYPR_USER. The should match the values defined in env.sh tar -xvf <install pkg> -C /opt/hypr/<install dir> --group=<HYPR_GROUP> --owner=<HYPR_USER> --exclude="hyprServer*"
- replace the scripts in the
<install dir>with the new versions
- replace the WAR/JAR files for relevant components
- leave the existing config in (mysql/mysql-8.0.18-linux-x86_64-minimal redis/redis-4.0.13 vault/vault-0.10.3) untouched
After the un-tar, confirm that the following files are present:
- /.install file (by running
env.sh file from the copy made in Step 1.
Start dependencies as normal and start services with the
./startHyprServices --[cluster|single] --rp --enc --reinit-vault
You should see the following in the output:
✅ Java version 11 available Generating /opt/hypr/CC/controlCenterConfigV68Plus.properties ... ✅ Finished writing to vault ... **** Starting CC service. CC-6.8.0-SNAPSHOT.jar Debug: false **** ... ✅ Port 8009 is listening
Confirm that Vault contains the new key
controlCenterConfigV68Plus. The old keys will not be used by 6.8. Leave them in place for now, in case a rollback is needed.
Reinstall the systemd services. Since UAF is gone, the systemd start order has to be modified:
cd <install folder>; # Remove systemdRemove.sh # Re-install systemdInstall.sh
Repeat Steps 1-4 from above.
- Reapply your License via the Control Center UI
- Reapply Proxy and SSL Pinning settings via the Control Center UI, if you are using these
Updated over 1 year ago