We help IT Professionals succeed at work.

In-place upgrade of 2012 R2 Certification Authority to 2016 R2

Robert Muscat
Robert Muscat asked
on
6 Comments
2 Solutions
3,455 Views
1 Endorsement
Last Modified: 2018-02-22
We have an Enterprise CA, with the Sub CA running on Windows server 2012 R2 VM, configured with Web Enrollment, Web Enrollment Services, Policy Web Service etc all on the same server. The Root CA is also a Windows server 2012 R2 VM and is offline.

We have both Kerberos Authentication certificates deployed for LDAPS and a number of Domain Admins utilizing Smart Card certificates for domain logons.

Since we're planning to do an in-place upgrade, what do you recommend that first gets upgraded, the Root CA or the Sub CA? Also, any things I should take care of pre upgrade and post upgrade, taking into consideration the criticality of both LDAPS and Smartcard services? Apart from taking a snapshot backup in case something goes wrong and I would need to restore the snapshot accordingly.

Thanks in advance :)
Comment
Watch Question

View Solutions Only

MaheshArchitect
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION
Robert Muscat

Author

Commented:
Hi Mahesh,

Thanks for the feedback provided. In our case it was decided that an in-place upgrade is to take place. I believe the above steps, excluding the backup part, are more intended for a migration scenario.

Thanks and regards
Architect
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION
MaheshArchitect
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Answers are given appropriate, Author didn't respond
Hence trying to close
Robert Muscat

Author

Commented:
Thanks Mahesh
Robert Muscat

Author

Commented:
U just need to ensure that you would take CA backup before you go for upgrade, so by chance if upgrade fails, you still can follow approach as suggested in my 1st comment

Since the OS is a VM, can't I take a snapshot before and restore it if issues are encountered?

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions