Recover access

Due to human error, access to the Stream platform could be lost when all certificates allowing access are revoked or expired. The goal of this procedure is to allow account authentication and to generate an administrator account in order to re-establish access to the platform.

To regain access to the platform, apply the following steps:

These steps should be executed in a secure and confined environment

1. If the Security Guidelines were followed, the first step is to allow authentication without certificates. To do that, reverse the step 2 of the NGINX Configuration hardening.

2. If the administrator account generated at bootstrap was correctly deleted, it is necessary to regenerate one. To do so, database access is necessary.

Open the mongosh shell by connecting to the mongodb uri defined at step 9 of the MongoDB installation procedure:

mongosh <mongodb uri>

In the mongo shell that was just opened, run the following commands:

> use stream;
> db.misc.updateOne({}, {$set: {"bootstrapped": false}})

This will ask Stream to perform the bootstrap phase again on next startup, thus recreating an administrator account.

3. Account authentication now needs to be re-enabled. To do so, follow the dedicated steps in the security section of the administration guide : menu:Managing Security[Enforce Certificate Authentication]. During these steps, the system will be restarted and the administrator account re-created.

4. Retrieve the administrator password the same way as in the initial bootstrap, and login to the platform.

5. Perform the necessary actions to setup secure authentication again, following this guide from the Initial configuration step, and then re-apply security measures before re-opening the platform.

If these steps do not suffice to grant you access back to the platform, please contact the EVERTRUST support.