Migrate Certificate Authority
Ref: Handy guide
Steps:
Backup CA in CA management console:
- In MMC all tasks > back up CA
Backup the following reg key on source CA server:
- HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > CertSvc > Configuration > <CA-NAME>
Uninstall CA role from source server
Install CA on new server
Select "Use existing private key" when configuring new certificate authority role
If the hostname is changing on the new server edit the "CAServerName" key in the registry backup taken
Stop the certificate service:
stop-service certsvc
Import/merge the edited reg key backup onto the new server
Go to Certificate services management and select restore CA
Select the backup taken from the source server.