Currently we have Ent CA running on windows 2003 R2 which is also a Domain Controller. We are planning to migrate to Windows 2008 Ent R2 on a member server with a different host name. In my lab I am following MS migration guide but I have the following questions:
1. CACertPublicationURLs and CRLPublicationURLs: the document says to replace %1 and %2 with the source server so does it mean that I have to replace these values with existing windows 2003 server name?
2. How will it publish the name of Windows 2008 R2 CRL on the new certificates if we are replacing the values with windows 2003 server name?
3. Our existing trusted root CA is already in the trusted root certificates on all computers in the domain but the CRL Distribution Point is currently pointing to windows 2003 CA so after the migration to windows 2008 R2 how will it point to new CA?
4. Currently issued web server certificates will expire in 1-2 years so how do we have to publish the new CA information for those certificates?
5. In the certificate extensions modification the document wants us to create the LDAP URL pointing to old CA but we will remove the old server from the network after the migration so how will it effect it? Do I need to create a CName of old server after removing it and point to new CA?
Your help will be appreciated.
Thanks
Submitted via EggHeadCafe - Software Developer Portal of Choice
Win a free Professional license of CodeSmith Generator 5.2!
http://www.eggheadcafe.com/tutorials...erator-52.aspx
Similar Threads
Linear Mode
