Uninstall
Central platform
To fully remove the KeySafe 5 application from your Kubernetes cluster, use helm uninstall
.
This uninstalls all KeySafe 5 Helm charts.
You can use helm list
to see which charts are installed.
If you do not know the namespace, use --all-namespaces
to show charts from all namespaces.
$ helm list -n nshieldkeysafe5 --short
keysafe5-alertmanager
keysafe5-backend
keysafe5-istio
keysafe5-prometheus
keysafe5-ui
mongo-chart
And to delete them:
helm uninstall keysafe5-alertmanager --namespace=nshieldkeysafe5
helm uninstall keysafe5-backend --namespace=nshieldkeysafe5
helm uninstall keysafe5-istio --namespace=nshieldkeysafe5
helm uninstall keysafe5-prometheus --namespace=nshieldkeysafe5
helm uninstall keysafe5-ui --namespace=nshieldkeysafe5
helm uninstall mongo-chart --namespace=mongons
KeySafe 5 application data remains in your MongoDB database after uninstalling the application.
To clear this data from the database, remove the databases that were defined by agent_mgmt.dbName
, codesafe_mgmt.dbName
, hsm_mgmt.dbName
, licence_mgmt.dbName`, monitoring_mgmt.dbName
and sw_mgmt.dbName
in the helm-keysafe5-backend
chart.
Secrets
You can use kubectl get secrets
to see the secrets.
kubectl get secrets --namespace=nshieldkeysafe5
And delete them:
kubectl --namespace=nshieldkeysafe5 delete secrets agentcomms-server-certificates
kubectl --namespace=nshieldkeysafe5 delete secret agentcomms-client-certificates
kubectl --namespace=nshieldkeysafe5 delete secret mongodb-demo-client-certificates
KeySafe 5 agent
Before uninstalling the nShield KeySafe 5 agent, Entrust recommends that you back up any configuration files and certificates from the installation.
Linux
To remove the KeySafe 5 agent from a Linux host run the KeySafe 5 uninstaller:
sudo /opt/nfast/keysafe5/sbin/install -u
Then proceed to remove the following files and directories:
-
/opt/nfast/keysafe5/bin/ks5agenttls
-
/opt/nfast/keysafe5/conf/config.yaml.example
-
/opt/nfast/keysafe5/sbin/install
-
/opt/nfast/lib/versions/keysafe5-agent-atv.txt
-
/opt/nfast/sbin/keysafe5-agent
-
/opt/nfast/scripts/install.d/12keysafe5-agent
-
/opt/nfast/log/keysafe5-agent.log
The current configuration, stored in /opt/nfast/keysafe5/conf
, may also be removed.
The agent log file will be located in a different location if you have changed the default value of logging.file.path
in the agent configuration file.
If required, you can also remove the keysafe5d
user that was created as part of the installation.
Windows
To remove the KeySafe 5 agent from a Windows host:
-
Stop the KeySafe 5 agent service using Windows Service Manager.
-
Open the Control Panel and select Programs and Features.
-
Select the nShield KeySafe 5 Agent package.
-
Select Uninstall and follow the on-screen instructions.
To remove any configuration files, delete the %NFAST_DATA_HOME%\keysafe5
directory and remove the log file located at C:\ProgramData\nCipher\Log Files\KeySafe5-agent.log
The agent log file will be located in a different location if you have changed the default value of logging.file.path
in the agent configuration file.