Link to home
Start Free TrialLog in
Avatar of James Fry
James Fry

asked on

How do I transfer the Certificate Authority on a 2003 server to a 2008 server

How do I transfer the Certificate Authority on a 2003 server to a 2008 server
Avatar of Paranormastic
Paranormastic
Flag of United States of America image

Can you be a little more specific?  An in-place upgrade is fine on the same box.  If going this route, you need to have the same edition of OS or higher (i.e. standard to standard or enterprise, enterprise needs to upgrade to enterprise).

If you want to reload into a fresh 2008 installation, then you would need to have the same machine name, same CAname, the certificate database, and the CA's private key.  You can use the CA mmc - rightclick CAName- all tasks - backup CA and select the db and private key, or you can use 'certutil -backupkey' and 'certutil -backupdb' commands to do so individually.  During installation you can specify to use an existing key, or afterwards you can 'restore ca' from the same area in the MMC.

Make sure you make a full system backup including system state prior to upgrading, of course.
Avatar of James Fry
James Fry

ASKER

Well, what I have in place is a server that I call security server where the CA resides.  I am looking to "decommission" that as the security server and have a new 2008 VM ready to replace the 2003 server.
ASKER CERTIFIED SOLUTION
Avatar of Paranormastic
Paranormastic
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
It wasn't entirely what I was looking for but since I am unfamiliar with it, I may not have a given.