CertificateAuthority

From Piszczynski

Migrate Certificate Authority

Ref: Handy guide

Steps:

Backup CA in CA management console:

  • In MMC all tasks > back up CA

Backup the following reg key on source CA server:

  • HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > CertSvc > Configuration > <CA-NAME>

Uninstall CA role from source server

Install CA on new server

Select "Use existing private key" when configuring new certificate authority role

If the hostname is changing on the new server edit the "CAServerName" key in the registry backup taken

Stop the certificate service: 

stop-service certsvc

Import/merge the edited reg key backup onto the new server

Go to Certificate services management and select restore CA

Select the backup taken from the source server.

Retrieved from ‘http://piszczynski.com/index.php?title=CertificateAuthority&oldid=884
Last modified
This page was last modified on 21 November 2023, at 14:36.