Checking for revoked hotfix files for offline systems
If you do not use third-party tools to verify hotfix files for Pega Platform 8.5 or later with no outbound URL connection, you can still make sure that the Pega hotfix files have not been revoked before you install them. Check for revoked hotfix files by manually loading a certificate revocation list (CRL) to verify the certificate. Because CRLs expire frequently, you need to load the list each time before you install a hotfix.
downloadAndPackageCRLs.batscript in the
scriptsdirectory of the distribution image, with an output directory as the only command line argument.
./downloadAndPackageCRLs.sh /output/directoryThe current CRLs are downloaded from the URLs embedded in the script, packaged into a
CRLs.jarfile, and placed in the output directory.
Import the produced
CRLs.jarfile by using the import wizard. By default, this file is imported into the Customer code set; however, any active code set is acceptable.For more information, see Importing rules and data by using the Import wizard.
Restart all the application servers in the cluster (or at least the ones that will be used for installing hotfixes) for the changes to take effect.