Re: How to install a new Enterprise Root Certificate Authority to replace an old one?
From: Erik (umetricsdev_at_umetrics.com)
Date: 04/23/04
- Next message: Mariano: "Enterprise Root CA"
- Previous message: S. Pidgorny
: "Re: Product Support Services - MALICIOUS ACTIVITY RELATING TO MS04-011" - In reply to: Bob Qin [MSFT]: "RE: How to install a new Enterprise Root Certificate Authority to replace an old one?"
- Next in thread: Bob Qin [MSFT]: "Re: How to install a new Enterprise Root Certificate Authority to replace an old one?"
- Reply: Bob Qin [MSFT]: "Re: How to install a new Enterprise Root Certificate Authority to replace an old one?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 23 Apr 2004 11:11:52 +0200
Thanks for the reply,
Yes, I saw that KB-article, but from what I read on google it won't help me
because apparently an Enterprise CA cannot be moved to a server with a
different name. See the following post by David Cross [MS]
(dcross@online.microsoft.com) in the thread "Migration of Certificate
Authority from Windows 2000 Server to Windows 2003 Server" in
microsoft.public.win2000.security from 2003-09-17.
> Unfortuately you cannot change the name of the CA if it is an enterprise
CA.
> Hence, you will not be able to move it to a new machine with a different
> name nor a new DC. You are much better off installing a new CA and
> sunsetting the old one.
Buf of course, if David Cross' post is INCORRECT I can upgrade the old DC to
w2k3 and then transfer the Enterprise CA to the new DC, but I'd rather not
start doing this unless I know it will work.
But IF indeed Enterprise CAs cannot be moved to a different DC my original
questions on exactly how to install a completely new Enterprise CA and
"sunsetting" the old one still holds (please see my original post).
/ Erik
"Bob Qin [MSFT]" <bobqin@online.microsoft.com> wrote in message
news:N8Brq$PKEHA.308@cpmsftngxa10.phx.gbl...
> Hi Erik,
>
> Thanks for your posting here.
>
> To move a CA from Windows 2000 Server to Windows Server 2003, you can
first
> upgrade the CA server that is running Windows 2000 Server to Windows
Server
> 2003, and then follow the steps that are outlined in this article.
>
> 298138 HOW TO: Move a Certification Authority to Another Server
> http://support.microsoft.com/?id=298138
>
> Have a nice day!
>
> Regards,
> Bob Qin
> Product Support Services
> Microsoft Corporation
>
> Get Secure! - www.microsoft.com/security
>
> ====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> ====================================================
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
- Next message: Mariano: "Enterprise Root CA"
- Previous message: S. Pidgorny
: "Re: Product Support Services - MALICIOUS ACTIVITY RELATING TO MS04-011" - In reply to: Bob Qin [MSFT]: "RE: How to install a new Enterprise Root Certificate Authority to replace an old one?"
- Next in thread: Bob Qin [MSFT]: "Re: How to install a new Enterprise Root Certificate Authority to replace an old one?"
- Reply: Bob Qin [MSFT]: "Re: How to install a new Enterprise Root Certificate Authority to replace an old one?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
