Solved

Move Certificate Authority from 2008 to 2012 R2

Posted on 2013-11-26
2
8,174 Views
Last Modified: 2014-04-21
Hi,

What are the steps for moving a CA from a Windows server 2008 to a Windows Server 2012 R2?

And what kind of problem could we experience afterwards?

All of our computer, laptops etc. are using this CA.
0
Comment
Question by:Sum Wum
2 Comments
 
LVL 36

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39680009
You can use below guide for CA migration from 2008 to 2012 R2
The guide is upto 2012 at this moment, but i believe that it will applicable to 2012 R2 as well

http://technet.microsoft.com/en-us/library/ee126140(v=ws.10).aspx

I am just outline high level steps here

backup 2008 CA certificate with database and its registry
uninstall CA server role from 2008
Shutdown server for time being
prepare 2012 R2 member server with same host as old CA server
Install CA role with existing certificate (from Certificate backup taken above) on 2012 R2 server
Restore CA Database backup taken above from CA console on 2012 R2 server
Check if CRL and AIA entries in active directory sites and services are appropriate as your source and destination CA server Hostname is same.

Note:Do not change CA server Hostname otherwise your existing issued certificates will not able to check CRL
Once you are sure that new CA is working as expected, you can use old 2008 machine for else purpose with different host name.
Because if you face any issues on new CA, you can just uninstall CA from new server, rename it to some new name, start your old CA server, install CA role and just restore CA backup and you will be back in business.
Also you cannot change CA common name in AD

Mahesh
0
 
LVL 3

Expert Comment

by:GlobalStrata
ID: 40013817
Microsoft has posted step by step for this type of migration: http://technet.microsoft.com/en-us/library/ee126170(v=WS.10).aspx
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Exchange 2007 3 55
windows event log error 1000 DSM what does this mean? 5 36
exporting a VM fails in win 2012R2 5 22
EXCH2013 IIS 4 12
My GPO's made for 2008 R2 servers were not allowing me to RDP into a new 2012 server by default.  That’s why I tried to allow RDP via Powershell, because I could log into a remote shell without further configuration. Below I will describe how I wen…
I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question