Confidencial Documentation
HomepageLog In
  • Getting Started
    • Sending secure PDFs with Confidencial
    • Viewing secure PDFs with Confidencial
    • Sending secure Word docs with Confidencial
    • Viewing secure Word docs with Confidencial
    • Sending secure Excel workbooks with Confidencial
    • Viewing secure Excel workbooks with Confidencial
    • Sending secure images with Confidencial
    • Viewing secure images with Confidencial
    • Sending secure messages with Confidencial
    • Viewing secure messages with Confidencial
    • Protecting content with Confidencial
    • Re-encrypting and changing who can see protected content
  • General
    • How Confidencial Works
      • What is End-to-End Protection
      • In-doc encryption
      • The Confidencial Public Key Registry
      • The Confidencial Private Key Server
      • The Confidencial Log Server
    • Account types
      • Individual
      • Organization
      • Organization administrator
    • File types
    • Key types
      • Cloud-stored keys
      • Device-stored keys
      • Temporary keys
      • Enterprise keys
      • Recovery keys
    • Logging in to the desktop or web app
    • Logging in to Confidencial
    • Encryption policies
    • Selecting encryption recipients
    • Inviting other users to Confidencial
    • Accepting an invite to Confidencial
    • Creating a Confidencial individual account
    • Re-encrypting and changing who can see protected content
    • Confidencial organizations
  • Web App
    • Encrypting a message
    • Decrypting a message
    • Encrypting files and folders
    • Decrypting a .c11 file or .c11.zip file bundle
    • Re-encrypting a Confidencial-protected file or file bundle and changing who can see them
  • Desktop App
    • Installing the desktop app
    • Encrypting files and folders
    • Decrypting a .c11 file or .c11.zip file bundle
  • Microsoft Office Add-ins
    • Installing the Microsoft Office add-ins
    • Opening the task pane
    • Logging in from an Office application
    • Encrypting an entire Word document
    • Encrypting parts of a Word document
    • Decrypting a Word document
    • Re-encrypting a Word document and changing who can see protected content
    • Installing Microsoft Add-ins via the Admin Center
  • Advanced Features
    • Storing keys on your device
    • Loading a key from your device
    • Creating a machine token
    • Obtaining public-private key pairs for use with the Confidencial SDK
  • How to Use Secure Document Request (SDR)
  • Secure Document Send
    • Sending Documents with Secure Document Send
    • Viewing Historical Document Sends
    • Creating a Persistent Share Link
    • Receiving a Persistent Share Link
  • Cloud Protector
    • Connecting AWS S3
    • Connecting Box
    • Connecting Dropbox
    • Connecting Google Cloud
    • Connecting Google Drive
    • Connecting Microsoft Azure Blob
    • Connecting Microsoft OneDrive
    • Connecting Microsoft SharePoint
    • Connecting Server Message Block
    • Connecting Wasabi
    • Connecting On-Premises Storage
  • Enterprise Deployment
    • Connecting your identity provider to Confidencial
    • Creating an S3 bucket for document requests
    • Creating a Cognito user pool to enable S3 bucket access via IDP credentials
    • Deploying the Confidencial Key Server in your environment
      • Configuring an AWS Elastic Container Service (ESC) instance
    • Running a database migration
    • Pushing a container image to your AWS container registry
    • Connecting your identity provider to the Confidencial Key Server
    • Deploying the Confidencial Desktop App to your enterprise users
    • Deploying the Confidencial Office Add-ins to your enterprise users
    • Setting up Microsoft Entra to use an Exchange account to send email notifications
  • Organization Administration
    • Adding members to an organization
    • Pre-loading members into your organization
    • Designating a member as an administrator
    • Creating a recovery key for an organization
    • Monitoring Confidencial usage within an organization
    • Organization-level policies
    • Administrator permissions
  • Command-Line Interface (CLI)
  • Software Development Kit (SDK)
  • Contact Us
  • System Requirements
  • Legal/Licensing
  • How to Access Confidencial Documents for First Time Recipients
Powered by GitBook
On this page
Export as PDF
  1. Enterprise Deployment

Running a database migration

PreviousConfiguring an AWS Elastic Container Service (ESC) instanceNextPushing a container image to your AWS container registry

Last updated 2 months ago

ℹ️ When Confidencial server software for the first time or upgrading an existing Confidencial instance, you will occasionally need to run a database migration. Database migrations create (or update) the table structure within a database. Migrations may need to be run for the or the . In either case, Confidencial will provide the requisite files to run the migration, usually in the form of a zip file.

⚠️ These instructions assume the database server has been instantiated, the database within that server has been created, and the database account you are using to access the database has full permissions on the database. See the relevant deployment instructions for more detail on how to do this.

⚠️ If running a migration on a database with existing data, BE SURE TO RUN A BACKUP/SNAPSHOT OF YOUR DATABASE BEFORE PROCEEDING

  1. on a machine that has network access to the target database

    • In addition to target database access, this machine must also have internet access to be able to install additional packages

    • We will refer to this machine as the migration machine. The migration machine can be the database server itself, but it doesn’t need to be.

  2. Unzip the migration files in a directory on the migration machine

    • We will refer to this folder as the migration folder

  3. From the migration folder, run the following command

    cp .env.example .env.kss.production

    This will create a file in the migration folder called .env.kss.production

  4. Open .env.kss.production in a text editor and add the connection parameters for the target database

    KNEX_CLIENT = mysql2
    KNEX_VERSION = 8.0
    KNEX_HOST = [database host]
    KNEX_PORT = [database port]
    KNEX_USER = '[database user name]'
    KNEX_PASSWORD = '[database user password]'
    KNEX_DB_NAME = '[database name]'
    KNEX_CHARSET = utf8mb4

    This file tells the migration code how to connect to the target database

    ⚠️ Note that values for `KNEX_USER`, `KNEX_PASSWORD`, and `KNEX_DB_NAME` are wrapped in single quotes. This is done to ensure that special characters and spaces are handled properly.

  5. From the migration folder, run the following commands

    npm i
    npm run env:kss:production knex:migrate:latest

    These commands will install the necessary packages from the internet and then execute database commands to create (or update) the tables in the target database

✅ This completes database migration. If you encounter issues during this process, please .

deploying
Confidencial Key Server
Confidencial Log Server
Deploying the Confidencial Key Server in your environment
Install nodeJS and npm
contact us