Upgrade Tenable Identity Exposure
Before you start
Tenable strongly recommends that you take a snapshot of your environment before you upgrade. If the upgrade fails, Tenable Identity Exposure support cannot perform a rollback, and this results in a fresh installation and cause you to lose your previous data.
Back up and restore the Storage Manager
Tenable strongly recommends that you back up the Storage Manager before you upgrade Tenable Identity Exposure.
For instructions on how to back up or restore MSSQL, see the official Microsoft documentation.
Upgrade to use Secure Relay
Tenable Identity Exposure v. 3.59 introduces Secure Relay, a new secure external transfer mode using HTTPS for your Active Directory data to the rest of the platform. Internally, it continues to use Advanced Message Queuing Protocol Secure (AMQPS).
Another advantage of Secure Relay lies in its ability to upgrade automatically when you upgrade Tenable Identity Exposure, especially if your platform uses several DLs.
For more information, see Secure Relay in the Tenable Identity Exposure Administrator Guide.
To upgrade to the latest version of Tenable Identity Exposure, you must follow this installation path: 2.7 -> 3.1 -> 3.11 -> 3.19 -> 3.29 -> 3.42 -> 3.59.
To upgrade Tenable Identity Exposure, proceed in the following order:
Upgrade the Directory Listener.
Upgrade Security Engine Nodes.
Upgrade the Storage Manager.
Update the TLS certificate
It is possible to update the TLS certificate either during an upgrade of Tenable Identity Exposure or if you need to renew an expired certificate, as follows:
Update the certificate (CRT) and KEY files in the default folder Tenable\Tenable.ad\Certificates.Note: If your new certificate is in Personal Information Exchange (PFX) format, you can use the installed openssl.exe command line to extract the CRT and KEY.