Awinish's Technical Blog

Lets continue the journey of learning & Share.!!

Migrate/Upgrade CA from windows 2003 to windows 2008/R2

Posted by Awinish on February 5, 2011

Migrate/Upgrade CA from windows 2003 to windows 2008/R2

I came across various forums people need to migrate CA from old server to windows 2008 or 2008 R2, since business is taking switch from 2003 to 2008 because of the benefits from the windows 2003 to 2008/R2.

I have seen various FAQ’s like:

1.Can i migrate to another server with different Hostname?

As long as windows is running on windows 2008 or 2008 R2.

2. Can i change the CA name while migration?

No, if you do that, you are going to break the CA trusted chain & you have to start from fresh.

3. Shall i first install CA on windows 2008/R2 server or uninstall first on windows 2003 after taking backup.

You need to take the backup first, uninstall the CA on old server(else there will be conflict) & once its been uninstalled, rename the old server or remove it permanently & give time for changes to replicate in domain, once replication is complete, install the CA on windows 2008/R2.


I have added link from the Technet, which contains sufficient steps to migrate CA to new server.

Active Directory Certificate Services (AD CS) Frequently Asked Questions (FAQ)

Windows PKI blog



One Response to “Migrate/Upgrade CA from windows 2003 to windows 2008/R2”

  1. Nilomi Patel said

    Came across many articles which says Hostname change of destination server is supported , but the CA name must stay the same.
    What is the best practice to avoid any issue while moving CA from 2003 Server to 2008 R2 ?
    Do we need same Hostname ?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s