Solved

How do I transfer the Certificate Authority on a 2003 server to a 2008 server

Posted on 2009-07-14
4
402 Views
Last Modified: 2012-08-13
How do I transfer the Certificate Authority on a 2003 server to a 2008 server
0
Comment
Question by:jfry2k
  • 2
  • 2
4 Comments
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24852833
Can you be a little more specific?  An in-place upgrade is fine on the same box.  If going this route, you need to have the same edition of OS or higher (i.e. standard to standard or enterprise, enterprise needs to upgrade to enterprise).

If you want to reload into a fresh 2008 installation, then you would need to have the same machine name, same CAname, the certificate database, and the CA's private key.  You can use the CA mmc - rightclick CAName- all tasks - backup CA and select the db and private key, or you can use 'certutil -backupkey' and 'certutil -backupdb' commands to do so individually.  During installation you can specify to use an existing key, or afterwards you can 'restore ca' from the same area in the MMC.

Make sure you make a full system backup including system state prior to upgrading, of course.
0
 

Author Comment

by:jfry2k
ID: 24852972
Well, what I have in place is a server that I call security server where the CA resides.  I am looking to "decommission" that as the security server and have a new 2008 VM ready to replace the 2003 server.
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 125 total points
ID: 24853802
Are you looking to just install a brand new CA and decom the old CA as part of all that? If you do that you will need to reissue all of your certs - you can set up the new root in parallel and deploy that in AD, etc. until you are ready to decom the old CA.

How to decom a CA server properly from AD:
http://support.microsoft.com/kb/889250
0
 

Author Closing Comment

by:jfry2k
ID: 31603416
It wasn't entirely what I was looking for but since I am unfamiliar with it, I may not have a given.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

When you are trying to access the server, have you ever encountered "The terminal server has exceeded the maximum number of allowed connection" error?  or "The user is attempting to log on to a Terminal Server in Remote Administration mode, but the …
Back in July, I blogged about how Microsoft's new server pricing model, combined with the end of the Small Business Server package, would result in significant cost increases for many small businesses (see SBS End of Life: Microsoft Punishes Small B…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now