Share via

Can you have 2 certification authority on 1 AD (2 servers)?

Szymon Rabiza 101 Reputation points
2021-07-05T06:43:26.67+00:00

Can you have 2 certification authority on 1 AD (2 servers) or no?

Windows for business | Windows Server | User experience | Other
Accepted answer
  1. Anonymous
    2021-07-05T07:38:33.107+00:00

    Hello @Szymon Rabiza ,

    Thank you for posting here.

    Q: Can you have 2 certification authority on 1 AD (2 servers) or no?
    A: Yes, you can have 2 certification authority on 1 AD (2 servers).

    For one-tier PKI:

    You can have two one-tier CA servers (two different online Enterprise root CA servers) in one AD domain.

    ADCS Step by Step Guide: Single Tier PKI Hierarchy Deployment
    https://social.technet.microsoft.com/wiki/contents/articles/11750.adcs-step-by-step-guide-single-tier-pki-hierarchy-deployment.aspx

    For two-tier PKI:

    You can have one two-tier PKI in one AD domain.

    Two-tier PKI with one offline Standalone root CA server and one online Enterprise subordinate CA server.
    AD CS Step by Step Guide: Two Tier PKI Hierarchy Deployment
    https://social.technet.microsoft.com/wiki/contents/articles/15037.ad-cs-step-by-step-guide-two-tier-pki-hierarchy-deployment.aspx

    Or two-tier PKI with one online Enterprise root CA server and one online Enterprise subordinate CA server.

    Hope the information above is helpful.

    Should you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.