Solved

How do I transfer the Certificate Authority on a 2003 server to a 2008 server

Posted on 2009-07-14
4
406 Views
Last Modified: 2012-08-13
How do I transfer the Certificate Authority on a 2003 server to a 2008 server
0
Comment
Question by:jfry2k
  • 2
  • 2
4 Comments
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24852833
Can you be a little more specific?  An in-place upgrade is fine on the same box.  If going this route, you need to have the same edition of OS or higher (i.e. standard to standard or enterprise, enterprise needs to upgrade to enterprise).

If you want to reload into a fresh 2008 installation, then you would need to have the same machine name, same CAname, the certificate database, and the CA's private key.  You can use the CA mmc - rightclick CAName- all tasks - backup CA and select the db and private key, or you can use 'certutil -backupkey' and 'certutil -backupdb' commands to do so individually.  During installation you can specify to use an existing key, or afterwards you can 'restore ca' from the same area in the MMC.

Make sure you make a full system backup including system state prior to upgrading, of course.
0
 

Author Comment

by:jfry2k
ID: 24852972
Well, what I have in place is a server that I call security server where the CA resides.  I am looking to "decommission" that as the security server and have a new 2008 VM ready to replace the 2003 server.
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 125 total points
ID: 24853802
Are you looking to just install a brand new CA and decom the old CA as part of all that? If you do that you will need to reissue all of your certs - you can set up the new root in parallel and deploy that in AD, etc. until you are ready to decom the old CA.

How to decom a CA server properly from AD:
http://support.microsoft.com/kb/889250
0
 

Author Closing Comment

by:jfry2k
ID: 31603416
It wasn't entirely what I was looking for but since I am unfamiliar with it, I may not have a given.
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you are trying to access the server, have you ever encountered "The terminal server has exceeded the maximum number of allowed connection" error?  or "The user is attempting to log on to a Terminal Server in Remote Administration mode, but the …
The System Center Operations Manager 2012, known as SCOM, is a part of the Microsoft system center product that provides the user with infrastructure monitoring and application performance monitoring. SCOM monitors:   Windows or UNIX/LinuxNetwo…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question