How to migrate Certificate Authority from Win2k3 'Server1' to Win2k8 'Server2'
Posted on 2008-10-01
I have an old Windows 2003 DC that I'd like to demote as we are now running a new Windows 2008 DC. I cannot demote it, however, until the Certificate Authority is moved off of it.
- The old Windows 2003 DC is named 'Server1' (as an example)
- The new Windows 2008 DC is named 'Server2'
I know Microsoft's instructions say that you must move the CA to a server of the same name, but to do this would not be easy so I need to find a way to move the CA to the new Windows 2008 server without it having the same name as the old Windows 2003 server...
The Win2k3 CA has about 2 dozen 'Basic EFS' certificates, and a couple 'EFS Recovery Agent's, and one 'Web Server' certificate (for our Exchange 2007 OWA mail server).
Can anyone suggest my best option to get the CA moved over to the new Windows 2008 server? Is my only option to have it named the same as the old server?
Any suggestions would be appreciated!