CA Certificates

[Guest]

Hi,

Can anyone help as I cannot find any articles on this.
I have CA Root Certificates installed on Server-A (was a exchange email
server). This Server-A will be replaced by Server-B (new exchange server).
Server-A is going to be rebuilt as a Domain Controller with a different name.

I need to move the CA Root to another server Server-C which is another
domain controller.

I have found articles on Microsoft which show how to move CA certificates
from one server to another but they must have the same name.

Is there a way to move the CA root certificates to another server that has a
different name?

If not can I un-install the CA root certificates and create new ones for my
network? If I was to do this will this impact my network?

Any help would be much appreciated.

Regards,
Boris

 

[Steven L Umbach]

You should also post in the Microsoft.public.security.crypto newsgroup. I
really doubt their is a way to do what you want. You can configure your
computers to trust certificates from the "old" CA if you remove it but if
the applications require a CRL then you can have problems when the CRLs
expire for that CA. Something to consider is to create your new CA and then
deployed needed certificates to all users and computer from that CA. This is
a Windows 2000 newsgroup so the assumption is that your servers are all
Windows 2000. If that is incorrect and your CA is Windows 2003 installed in
Windows 2003 Enterprise Server then the new deployment could be rather fast
and easy. Again the Microsoft.public.security.crypto newsgroup would be the
best place to post. --- Steve

 

[Guest]

Thankyou Steve for your reply.

The environment is Windows 2003 Standard.

I will try the microsoft.public.security.crypto newsgroup.

Thanks.
Boris