Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How do I transfer the Certificate Authority on a 2003 server to a 2008 server

Posted on 2009-07-14
4
Medium Priority
?
411 Views
Last Modified: 2012-08-13
How do I transfer the Certificate Authority on a 2003 server to a 2008 server
0
Comment
Question by:jfry2k
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24852833
Can you be a little more specific?  An in-place upgrade is fine on the same box.  If going this route, you need to have the same edition of OS or higher (i.e. standard to standard or enterprise, enterprise needs to upgrade to enterprise).

If you want to reload into a fresh 2008 installation, then you would need to have the same machine name, same CAname, the certificate database, and the CA's private key.  You can use the CA mmc - rightclick CAName- all tasks - backup CA and select the db and private key, or you can use 'certutil -backupkey' and 'certutil -backupdb' commands to do so individually.  During installation you can specify to use an existing key, or afterwards you can 'restore ca' from the same area in the MMC.

Make sure you make a full system backup including system state prior to upgrading, of course.
0
 

Author Comment

by:jfry2k
ID: 24852972
Well, what I have in place is a server that I call security server where the CA resides.  I am looking to "decommission" that as the security server and have a new 2008 VM ready to replace the 2003 server.
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 375 total points
ID: 24853802
Are you looking to just install a brand new CA and decom the old CA as part of all that? If you do that you will need to reissue all of your certs - you can set up the new root in parallel and deploy that in AD, etc. until you are ready to decom the old CA.

How to decom a CA server properly from AD:
http://support.microsoft.com/kb/889250
0
 

Author Closing Comment

by:jfry2k
ID: 31603416
It wasn't entirely what I was looking for but since I am unfamiliar with it, I may not have a given.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction: Sometimes when I receive a call from my users to solve their problems it is very difficult for me to found their computer IP address. Even finding their computer Host to provide remote support can be a problem.  So I resorted to Goo…
The System Center Operations Manager 2012, known as SCOM, is a part of the Microsoft system center product that provides the user with infrastructure monitoring and application performance monitoring. SCOM monitors:   Windows or UNIX/LinuxNetwo…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question