Station archive portablility improvements in AX-3.8

This document’s sections Station archiving changes and Making modifications to archived station files do not apply if using AX-3.8—modifications are unnecessary. Why? In an AX-3.8 station archive (station save via platform Station Copier, or station backup via Workbench, the station’s BackupService, or a Supervisor’s provisioning mechanism), the station config.bog file or backup .dist file is “more portable” than a file made from a prior update release platform.

In AX-3.8, when you copy a station using the platform Station Copier, any encrypted (client) passwords are automatically decrypted and stored in a portable format in the config.bog file for that station. This means you can reinstall that station in a different AX-3.8 host with all stored passwords working. Upon station startup, client passwords are re-encrypted to the keyring and key material unique to the new host, and then resaved. Thus (and often unlike in update releases), any re-entering of client passwords is unnecessary.
In AX-3.8, when a station backup is initiated, the keyring (used against encrypted passwords) is automatically decrypted during the backup, and stored in the backup .dist file.
- As always, you can restore the backup .dist back to the same AX-3.8 host, using the platform Distribution File Installer. The “key material” file used in encryption is unchanged.
- You can also use the backup as a “system image” to install in other AX-3.8 hosts, for example same model JACEs. When using the Distribution File Installer to install the backup .dist file in this case, the stored keyring is automatically re-encrypted to the key material file unique to each JACE, ensuring adequate security for all encrypted passwords.

In either case upon installation all the station’s client passwords are operational and maintain good security practices. Manual modifications to station archive files should not be necessary.

A station’s config.bog file contained (compressed) inside a backup .dist of an AX-3.8 host contains client passwords that are still encrypted. This is mentioned because this config.bog is not “portable” like the config.bog produced by a station copy (save) using the AX-3.8 Station Copier.