Skip to main content
Skip table of contents

Upgrade Nexus OCSP Responder on Linux

This article includes updates for Nexus OCSP Responder 6.3.0.

This article describes how to upgrade Nexus OCSP Responder on Linux.

Prerequisites

  • Upgrade to Nexus OCSP Responder 6.2.2 and later is only supported from version 5.x or later.

  • Create a backup for bin, certs, config, cils, crls and log contents before performing the upgrade.

Upgrade Nexus OCSP Responder

  1. Unpack the Nexus OCSP Responder distribution nexus-ocsp-linux-release-6.x.zip into any desired directory.

  2. Stop the Nexus OCSP service.

    CODE
    » service nexus-ocsp stop
  3. In <install_root>/lib:

    1. Replace all jar files with the ones found in the lib directory in nexus-ocsp-linux-6.x.tgz in the unpacked distribution.

    2. Remove all files in this directory from previous installations.

  4. In <install_root>/bin:

    1. Replace all files except nexus-ocsp.conf and nexus-ocsp-launchd.sh with the ones found in nexus-ocsp-linux-6.x.tgz.

  5. If upgrading from OCSP 6.2.5 or earlier, replace the following line in nexus-ocsp.conf:

    CODE
    SERVICEARGUMENTS="-p <ocsp-config-dir>"

    with 

    CODE
    SERVICEARGUMENTS="-P <ocsp-config-dir>"
  6. Remove the property "-Djava.library.path" under JAVAFLAGS option in nexus-ocsp.conf file in <install_root>/bin

  7. Change the file owner of the new files to the service user that executes the service.
    For example:

    CODE
    chown -R ocspuser:ocspuser /opt/nexus/ocsp/
  8. If not done in previous upgrade: Remove the SysV OCSP service:

    CODE
    » chkconfig --del nexus-ocsp
    » rm /etc/init.d/nexus-ocsp
  9. If not done in previous upgrade: Install the systemd OCSP service by running the install.sh script (after running chmod a+x install.sh) with options -d -p -P -u -g in the unpacked distribution. Use option -h to view a description of the above options. 

To only install the nexus-ocsp.service, use the -d option.

  1. Optional: Adapt the old configuration in <install root>/conf with the new functionality, described in the release note, in Nexus OCSP Responder. The reference configuration can be found in nexus-ocsp-6.x/config/ocsp.conf in nexus-ocsp-linux-6.x.tgz.

  2. Optional: If Java 17 is not installed as default Java:

    1. Edit the file <install_root>/bin/ nexus-ocsp.conf 

    2. Add this line at the end of the file:

      CODE
      JAVA=<path_to_bin_java_in_jre_17>
  3. Start the Nexus OCSP service.

    CODE
    // Start
    » service nexus-ocsp start

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.