I have a 2003 server with a CA on it that is stopped. We will be decommissioning this server in the next 2 weeks or so.
I have a 2008R2 DC that I want to set up LDAP over SSL to our SonicWall router for LDAP integration.
Per this article, you can just install an Enterprise Root CA on the 2008R2 DC and LDAPS will be enabled automatically.
However, my concern is if I already have a CA on the 2003 server, will it cause a conflict on the Active Directory network? Or will they be completely separate?
Also, another option I have, since installing an Enterprise Root CA on a DC is not recommended, is to create a certificate from the current CA on the 2003 server. However, my concern is if I decommission that CA in 2 weeks, will that be a problem in using the certificate or does it not matter? Can I just set up another CA in 5 years to recreate the certificate when it expires?
I'm not that familiar with using Microsoft CAs so want to keep it as simple as possible and thus the above questions. Thanks.