Setting up a new CA server /removing the old one

  • Thread starter Thread starter bay-br
  • Start date Start date
B

bay-br

Guest
In brief, we have a CA services (AD integrated)installed on a machine
that might get removed off the network. Now, we have issued a few
server certificates (for web access) and certs for EFS usage. We dont'
want anything in the windows domain to break by removing this box.

What I am planning to do:
1)Installa new Ent CA in the network (possible?) This will be the only
CA in the domain eventually.
2)Revoke certs issued by old CA server
3)Issue new server certs (web access) using th new CA
4)If all is well, uninstall the old CA.

My assumption is that the existing CA server is only used for EFS and
server certificates.

Is this feasible? Will I majorly break anything in my domain by doing
this?
thanks.
 
Back
Top