Transferring Certificate Authority to a different Active Directory server
Posted on 2007-04-05
I am fairly new at dealing with Certificate Authorities but here is my situation.
I currently have my Certificate Authority running on a domain controller. For various reasons I would like to move the Certificate Authority to a different domain controller. I have found several articles on how to move the CA to a new server that will have the same name as the old server but none explaining how to actually deal with a move to a completely different server with a different name.
I don’t have too many Web Site certificates issues from the current CA so it would not be the end of the world to reissue those again from the new CA. When I look at my CA under “Issued Certificates” I see what appears to be a certificate for every computer on my domain. I’m unsure of what these certificates do or how they would be handled if I transfer the CA to a new server. Any explanation of these would be usefull.
Finally is there a way to fully back up the CA on the current machine so that if there was a problem after moving to the new server I could revert back?
Thanks for your assistance.