We currently have a root ca setup on a 2003 std box. I only used it for one self signed cert. I noticed that it has given out certs to domain controllers. If I remove ca from this server will this break anything? I want to install ca on our 2003 enterprise server to take advantage of windows mobile device manager. I want it to be the root ca instead of a subordinate that is why I want to remove it from one server. Also what if I want to phase out one of these ca's, how could I do this without causing issues?