James Fry
asked on
How do I transfer the Certificate Authority on a 2003 server to a 2008 server
How do I transfer the Certificate Authority on a 2003 server to a 2008 server
ASKER
Well, what I have in place is a server that I call security server where the CA resides. I am looking to "decommission" that as the security server and have a new 2008 VM ready to replace the 2003 server.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It wasn't entirely what I was looking for but since I am unfamiliar with it, I may not have a given.
If you want to reload into a fresh 2008 installation, then you would need to have the same machine name, same CAname, the certificate database, and the CA's private key. You can use the CA mmc - rightclick CAName- all tasks - backup CA and select the db and private key, or you can use 'certutil -backupkey' and 'certutil -backupdb' commands to do so individually. During installation you can specify to use an existing key, or afterwards you can 'restore ca' from the same area in the MMC.
Make sure you make a full system backup including system state prior to upgrading, of course.