Exchange 2007 and Deleting Enterprise CA from Server 2003 DC
Hi all, yesterday I migrate my AD to server 2008, I like to depromote the AD 2003 but I have a message to uninstall CA Server Certificate, We have a Exchange Server that use a certificate from the 2003 server CA Authority, and I have users that access
with outlook anywhere with the certificate of server 2003 CA instaling the CA Certificate, the question: I dont like to use the CA certificate 2003 and I dont like to migrate CA certificate, what happend with exchange or Active directory If I uninstall CA
Certificate and depromote the server 2003 DC?
September 22nd, 2010 11:59am
You'll lose the certificate chain and the trust between clients and that server will be broken unless the entire chain is accessible. That will cause certificate errors, possible connection problems, popups and probably help desk calls.
3rd party certificates are always recommended and you should either move the certificate authority to another server or push out 3rd party certs before removing anything.
If you need to move the CA functionality: ( If you have any other Windows CA questions, please ask in the Windows Forums :
http://social.technet.microsoft.com/Forums/en/category/windowsserver/)
http://www.scottfeltmann.com/index.php/2010/03/02/move-root-ca-from-w2k3-to-w2k8/
Move Root Certificate Authority from Windows Server 2003 to Windows Server 2008
http://support.microsoft.com/kb/298138
http://technet.microsoft.com/en-us/library/cc755153(WS.10).aspx
Free Windows Admin Tool Kit Click here and download it now
September 22nd, 2010 1:43pm