Solved

What are the ramifications of removing a Windows PKI?

Posted on 2014-11-19
2
158 Views
Last Modified: 2014-11-20
I inherited a Windows domain with a PKI configured.  To the best I can determine, it appears it was set up with the goal of enabling encryption on a file server but that it was never enforced and that file server has since been replaced.

I'd like to remove the PKI because it doesn't appear that we're using it and it's messing up some third party certs installed on a couple of domain controllers used for LDAP authentication for cloud services.

What possible/likely consequences are there of removing it (assuming that I follow the articles for removing it)?
0
Comment
Question by:FinServCo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 40454603
If some form of PKI services are installed, it may be running Cert authority services or used to issue cert to other station or server, good to make this is not the intent and the server is not having a CA role. The certificate store will be archiving all certificate and it is good to backup all including private key in case there is need for them due to EFS or other services unknown at the point of removal. Of course ideally it is to clone another HDD before changes make and safekeep for monitoring as backup recovery if need to..also the security log from security event to backup for audit trail...but "PKI" is a big word though for a server may be just part of the PKI ecosystem

In case the below are relevant
How to decommission a Windows enterprise certification authority and remove all related objects
0
 
LVL 2

Author Closing Comment

by:FinServCo
ID: 40454987
Thanks, this gives me more of an idea to look for what it may affect.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port 808 is being blocked 9 171
Bit Locker 2 85
Understanding a problem in Security services and protocols 3 114
Corrupt / Encrypted Word Documents 6 86
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question