Certificate Authority Migration from Windows 2003 to WIndows 2008 R2

Discussion in 'Server Migration' started by youngny99, Aug 13, 2010.

  1. youngny99

    youngny99 Guest

    Currently we have Ent CA running on windows 2003 R2 which is also a Domain Controller. We are planning to migrate to Windows 2008 Ent R2 on a member server with a different host name. In my lab I am following MS migration guide but I have the following questions:
    1. CACertPublicationURLs and CRLPublicationURLs: the document says to replace %1 and %2 with the source server so does it mean that I have to replace these values with existing windows 2003 server name?
    2. How will it publish the name of Windows 2008 R2 CRL on the new certificates if we are replacing the values with windows 2003 server name?
    3. Our existing trusted root CA is already in the trusted root certificates on all computers in the domain but the CRL Distribution Point is currently pointing to windows 2003 CA so after the migration to windows 2008 R2 how will it point to new CA?
    4. Currently issued web server certificates will expire in 1-2 years so how do we have to publish the new CA information for those certificates?
    5. In the certificate extensions modification the document wants us to create the LDAP URL pointing to old CA but we will remove the old server from the network after the migration so how will it effect it? Do I need to create a CName of old server after removing it and point to new CA?

    Your help will be appreciated.

    Submitted via EggHeadCafe - Software Developer Portal of Choice
    Win a free Professional license of CodeSmith Generator 5.2!
    youngny99, Aug 13, 2010
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.