3. Upgrade WAPT Server

If your WAPT Server is a virtual host, take a snapshot of the VM. This way, you will be able to go back easily in the rare case that the update fails.

Attention

After each WAPT Server update, update your WAPT Console, then regenerate the WAPT Agent.

Before upgrading WAPT Server, please refer to the following upgrading compatibility chart:

Available WAPT Upgrade paths

To WAPT 2.4

From WAPT 1.8.2

Feature available

From WAPT 2.0

Feature available

From WAPT 2.1

Feature available

From WAPT 2.2

Feature available

From WAPT 2.3

Feature available

Warning

If upgrading from a version older than WAPT 2.1, the licence activation process has changed.

3.1. Switching of WAPT Edition (Community, Discovery, Enterprise)

WAPT Community is no longer supported. If you want to upgrade from WAPT 1.8.2 Community you can upgrade to WAPT Discovery or WAPT Enterprise. Please note that WAPT Discovery is limited to 300 clients.

To upgrade from a WAPT Community setup to WAPT Discovery or Enterprise follow the standard 1.8.2 to 2.4 upgrade documentation.

The WAPT Server will make the appropriate changes.

To upgrade WAPT Discovery to WAPT Enterprise simply upload a valid licence to the WAPT Server from the WAPT Console.

If your Enteprise licence expire, it will fall back on the Discovery Edition. If you are running WAPT Discovery and you have more that 300 client computers in your inventory, the WAPT Console will stop working and will only give you the option to delete computer entries from the inventory. The WAPT Console will return to working condition when the inventory returns below the 300 computer limit.

3.2. Minor upgrade

3.2.1. Upgrading from version 2.4 to latest 2.4

To do a minor upgrade please follow the procedure corresponding to your server operating system.

  • Update the underlying distribution and upgrade WAPT Server.

export DEBIAN_FRONTEND=noninteractive
apt update && apt upgrade -y
apt install tis-waptserver tis-waptsetup -y
unset DEBIAN_FRONTEND

3.2.2. Upgrading from version 2.x to 2.4

Note

Before upgrading, ensure that installation requirements are met.

WAPT 2.4 needs PostgreSQL 10 or above. If you have upgraded from a older Debian or Ubuntu version with PostgreSQL 9.6, be sure to follow the OS documentation to upgrade PostgreSQL to latest version.

If you are using WAPT WADS, please note that WAPT 2.3 WADS WinPE and WAPT 2.4 WADS WinPE are not compatible and you need to recreate WinPE File using the “upload WinPE” button in the OS Deployment tab.

Indeed, WAPT changed OpenSSL version from 1.1.1 to 3.x.

  • First of all, update the underlying distributionand install the WAPT Server packages.

apt update && apt upgrade -y
apt install apt-transport-https lsb-release gnupg
  • Then the update the package repository and import the GPG key from the repository.

wget -O - https://wapt.tranquil.it/$(lsb_release -is)/tiswapt-pub.gpg | apt-key add -
echo "deb https://wapt.tranquil.it/$(lsb_release -is)/wapt-2.4/ $(lsb_release -c -s) main" > /etc/apt/sources.list.d/wapt.list
  • Update the repository and install the packages.

export DEBIAN_FRONTEND=noninteractive
apt update
apt install tis-waptserver tis-waptsetup -y
unset DEBIAN_FRONTEND

3.3. Upgrading from version 1.8.2 to 2.4

The changement between WAPT 1.8.2 (not possible from a older version, please upgrade to 1.8.2 beforehand) and 2.4 are numerous. First of all, 1.8.2 was in Python2, we changed to Python3. A lot of new features are available too (essentially in Enterprise version).

3.3.1. Before upgrading

Ensure that installation requirements are met.

Backup your WAPT Private and Public certificates which allows you to deploy your WAPTAgent and packages. Usually, it is located in C:\private on your computer where the WAPT Console is set. If you don’t remember what this key is please refer to the section about generating the Administrator’s certificate for signing WAPT packages for better understandment.

In this documentation, your WAPT certificate’s name will be wapt-private.crt.

3.3.2. Upgrading

Note

If you are running on Debian9 Stretch, you have first to upgrade to Debian10 or Debian11 before upgrading to WAPT 2.x. The WAPT Server 2.x is not available for Debian9.

It is even recommended to upgrade to Debian 11 Bullseye. In this case, upgrade from Debian 9 => Debian 10 => Debian 11.

  • First of all, update the underlying distribution and install the WAPT Server packages.

apt update && apt upgrade -y
apt install apt-transport-https lsb-release gnupg
  • Then update the package repository and import the GPG key.

wget -O - https://wapt.tranquil.it/$(lsb_release -is)/tiswapt-pub.gpg | apt-key add -
echo "deb https://wapt.tranquil.it/$(lsb_release -is)/wapt-2.4/ $(lsb_release -c -s) main" > /etc/apt/sources.list.d/wapt.list
  • Update the repository and install the packages.

export DEBIAN_FRONTEND=noninteractive
apt update
apt install tis-waptserver tis-waptsetup -y
unset DEBIAN_FRONTEND

Your WAPT Server is now ready.

3.3.3. The WAPT management Console

To download the waptsetup.exe file, point your web browser to your waptserver url https://srvwapt.mydomain.lan, then click on the WAPTSetup link on the right-hand side of the WAPT Server web page. The WAPT Server home page only provides basic server status information and the download link for the WAPT Console.

The WAPT Server interface in a web browser

The WAPT Server interface in a web browser

3.3.3.1. Installing the WAPT Agent on the Administrator’s computer

Attention

If the WAPT Agent is not compiled and installed on your computer, you need to run de WAPT Agent installer to open and configure the WAPT Console.

Choosing the language for deploying the WAPT installer
  • Click on OK to go on to the next step.

Accepting the WAPT license terms
  • Accept the licence terms and click on Next to go to next step.

  • Choose additional configuration tasks (leave the default if not sure).

Choosing the WAPT Agent installer options

Choosing the WAPT Agent installer options

Available options of the WAPT Agent installer

Settings

Description

Default value

Install WAPT service checkbox

Enables the WAPT service on this computer.

Checked

Launch notification icon upon session opening checkbox

Launches the WAPT Agent in systray on host startup.

Not checked

Disable hiberboot, and increase shutdown GPO timeout (recommended) checkbox

Disables Windows fast startup for stability, it increases the timeout for the WAPT Exit utility.

Checked

Install the certificates provided by this installer checkbox

Installs Tranquil IT certificate on this computer.

Not checked

Use a random UUID to identify the computer instead of BIOS checkbox

For more information, check the documentation on BIOS UUID bugs

Not checked

  • Set up the WAPT Server URL.

Choosing the WAPT repository and the WAPT Server

Choosing the WAPT repository and the WAPT Server

  • Choose the WAPT repository and the WAPT Server; click Next.

  • Get a summary of the WAPT Console installation.

Summary of the WAPT installation abstract

Summary of the WAPT installation abstract

  • Click Install to launch the installation, wait for the installation to complete, then click on Finish (leave default options).

Dialog box showing the WAPT installation in progress Installation Wizard has finished
  • Uncheck Show installation documentation.

3.3.3.2. Starting the WAPT Console

  • Launch the WAPT Console:

    • By looking for the binary.

      C:\Program Files (x86)\wapt\waptconsole.exe

    • Or using the Start Menu.

    Launching the WAPT Console from the Windows Start Menu

    Launching the WAPT Console from the Windows Start Menu

  • Log into the WAPT Console with the SuperAdmin login and password.

    The WAPT Console authentication window

    The WAPT Console authentication window

If you have any issue logging into the WAPT Console, please refer to the FAQ: Error message when opening the WAPT Console.

It is recommended to launch the WAPT Console with a Local Administrator account to enable local debugging of WAPT packages.

For Enterprise version, it is possible to authenticate with Active Directory.

Danger

After the upgrade, please be sure your certificate (in this documentation wapt-private.crt) is still present at your WAPT install location : C:\Program File (x86)\wapt\ssl

Since you come from WAPT 1.8.2 which was in python2, you’ll have to re-sign all your WAPT Packages using the WAPT Console, or using the command line (only if you encounter package size issue with the WAPT Console way).

3.3.4. Re-signing Host packages

This method for re-signing all host packages is useful when the underlying cryptographic method or library changes, as this is the case when upgrading from WAPT 1.8.2 (Python 2.7 based) to WAPT >= 2.0 (Python 3.x based).

Use the Administrator’s certificate for re-signing packages.

  • Select all host.

  • Right-click on the selected hosts.

Host configuration menu list in the WAPT Console
  • Select Re-sign Host packages.

  • Confirm re-signing the selected hosts.

Modal window for confirming re-signing the selection of hosts

Modal window for confirming re-signing the selection of hosts

  • Then, enter you private key password.

Entering the password for unlocking the private key in the WAPT Console

Entering the password for unlocking the private key in the WAPT Console

  • The selected WAPT host packages are now all re-signed using the new cryptographic method required with Python3.

3.3.5. Re-signing other types of WAPT package

  • Open the repositories in your WAPT Console.

Window showing the repositories available on the WAPT Console

Window showing the repositories available on the WAPT Console

  • Select all packages in the repository, then right-click on the selection.

Menu options for repositories

Menu options for repositories

  • Select Re-sign packages.

  • To launch the signature process, click on Re-sign packages.

Window for re-signing WAPT packages

Window for re-signing WAPT packages

  • After processing, which may take some time, all packages will have been re-signed.

Signature processing has ended successfully

Signature processing has ended successfully

Attention

Signature processing has not ended successfully

If the error Access violation appear it may mean that the WAPT package is too big.

You can resign this packages using the command line.

And if it’s still not working, you can still manually edit the package and visit this procedure for signing large WAPT packages.