Rather than upgrade legacy servers (OpenAM 9.0, OpenSSO and Sun Access Manager servers), you instead migrate from your existing deployment to a new deployment.
For complex legacy deployments, ForgeRock can assist you in the migration process. Send mail to info@forgerock.com for more information.
Procedure 3.1. To Upgrade A Legacy Deployment
Prepare your customized OpenAM server .war file.
Prepare a new deployment, installing servers from the new, customized .war file as described in the Installation Guide, starting with the instructions in Installing OpenAM Core Services.
After installation, configure the new servers in the same way as the old servers, adapting as necessary.
You can use the ssoadm do-batch command to apply multiple changes with one command.
Validate that the new service is performing as expected.
Redirect client application traffic from the old deployment to the new deployment.