Guest bay-br Posted August 23, 2007 Posted August 23, 2007 In brief, we have a CA services (AD integrated)installed on a machine that might get removed off the network. Now, we have issued a few server certificates (for web access) and certs for EFS usage. We dont' want anything in the windows domain to break by removing this box. What I am planning to do: 1)Installa new Ent CA in the network (possible?) This will be the only CA in the domain eventually. 2)Revoke certs issued by old CA server 3)Issue new server certs (web access) using th new CA 4)If all is well, uninstall the old CA. My assumption is that the existing CA server is only used for EFS and server certificates. Is this feasible? Will I majorly break anything in my domain by doing this? thanks.
Recommended Posts