Remove Certificate Services
Posted on 2009-04-14
We currently have certificate services installed on one of our domain controllers (Windows 2003 Functional Domain) We are only using certificate services to issue an internal SSL key on one of our internal web servers. We recently renamed our Domain and as you would expect, the certificate is now broken. I am wondering if we can just uninstall Certificate Services, re-install certificate services on a different member server and re-issue the certificate to the internal web server. Everything I have found online talks about moving certificate services to a different computer, not uninstalling it. I looked through all the certificates that have been issued and we only have one that is currently not expired and that is the one on our internal web server.
We are also getting the following errors on our Domain Controllers
Event ID 13
Automatic certificate enrollment for local system failed to enroll for one Domain Controller certificate (0x80070005). Access is denied.
So I am a little nervous about removing Certificate Services, because I am not sure how this will affect our Domain Controllers.