418 questions
Can we migrate the ROOT CA from Enterprise server to a Standalone server?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(169.60000000000002, 17%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESK%3C/text%3E%3C/svg%3E)
Santosh Kumar
0
Reputation points
The Root CA was originally configured on an Enterprise Domain Controller. We now intend to migrate it to a new offline Standalone server. A Subordinate CA server is already in place and is currently used for issuing certificates. However, multiple certificates have also been issued directly by the Root CA as well.
Our objective is to migrate in such a way that there is no impact on the certificates previously issued by either the Root CA or the Subordinate CA Additionally, the new Standalone Root CA must retain the same CA name, the same CA certificate, and the existing private key.
Is this migration scenario feasible while preserving the trust and functionality of all existing certificates?
Windows for business | Windows Server | Devices and deployment | Install Windows updates, features, or roles
Sign in to answer