Certificate Server removed
What would like happen if a certiifcate server suddenly went down and no way to recover?
December 1st, 2011 9:33am
Depends on what you were using the certificates for. Unless you don't have a backup your issued certificates will eventually expire and with no way of renewing them...If you use the certificates for IPsec or authentication of VPN all would eventually fail
unless you would provide a valid certificate.
How to backup a CA:
http://technet.microsoft.com/en-us/library/cc737405(WS.10).aspx#BKMK_CMD
Certificate Services Best practices:
http://technet.microsoft.com/en-us/library/cc738786(WS.10).aspxMCTS...
Free Windows Admin Tool Kit Click here and download it now
December 1st, 2011 12:53pm
I am in agreement with Marius.
Please have a look at similar thread below which may help you...
Server crash; no cert backup; possible to restore?
http://www.tek-tips.com/viewthread.cfm?qid=1601786
~Santosh
December 1st, 2011 1:03pm
Hello,
I agree with Marius.
That depends of the CA that is down and how you are using certificates.
As an example:
You use a root CA to issue and renew certificates of subordinate CAs You use subordinate CAs to issue certificates for clients
Here, making offline the root CA will cause issues when renewing the subordinate CAs (Note that it is recommended to keep it offline for security reasons).
For subordinate CAs, your clients will not be able to get certificates or renew them and current certificates will be expired after the mentioned period and services running using them will stop working.
This
posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft Student
Partner 2010 / 2011
Microsoft Certified
Professional
Microsoft Certified
Systems Administrator: Security
Microsoft Certified
Systems Engineer: Security
Microsoft Certified
Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft
Certified Technology Specialist: Windows 7, Configuring
Microsoft
Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
Microsoft Certified
IT Professional: Enterprise Administrator
Microsoft Certified IT Professional: Server Administrator
Microsoft Certified Trainer
Free Windows Admin Tool Kit Click here and download it now
December 1st, 2011 5:01pm
Depends on what you were using the certificates for. Unless you don't have a backup your issued certificates will eventually expire and with no way of renewing them...If you use the certificates for IPsec or authentication of VPN all would eventually fail
unless you would provide a valid certificate.
How to backup a CA:
http://technet.microsoft.com/en-us/library/cc737405(WS.10).aspx#BKMK_CMD
Certificate Services Best practices:
http://technet.microsoft.com/en-us/library/cc738786(WS.10).aspxMCTS...
December 1st, 2011 8:39pm
Hello,
I agree with Marius.
That depends of the CA that is down and how you are using certificates.
As an example:
You use a root CA to issue and renew certificates of subordinate CAs You use subordinate CAs to issue certificates for clients
Here, making offline the root CA will cause issues when renewing the subordinate CAs (Note that it is recommended to keep it offline for security reasons).
For subordinate CAs, your clients will not be able to get certificates or renew them and current certificates will be expired after the mentioned period and services running using them will stop working.
This
posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft Student
Partner 2010 / 2011
Microsoft Certified
Professional
Microsoft Certified
Systems Administrator: Security
Microsoft Certified
Systems Engineer: Security
Microsoft Certified
Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft
Certified Technology Specialist: Windows 7, Configuring
Microsoft
Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
Microsoft Certified
IT Professional: Enterprise Administrator
Microsoft Certified IT Professional: Server Administrator
Microsoft Certified Trainer
Free Windows Admin Tool Kit Click here and download it now
December 2nd, 2011 12:46am