This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 43%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMC%3C/text%3E%3C/svg%3E)
I read some documents if the migration gets the error, I want to fallback to the original CA server,
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 68%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELT%3C/text%3E%3C/svg%3E)
Hello there,
As one of the first steps check the integrity of the Active Directory database file ntds.dit and see if there are any corruption.
You cannot migrate CA to another server without valid backup of all CA keys so i would suggest you to back up before the migration.
I would double-check what certificates are stored in PFX. For example, by running certutil -dump and specify the path to a PFX file.
Hope this resolves your Query !!
--If the reply is helpful, please Upvote and Accept it as an answer--
I am just planning the migration, and I want to have a fallback plan in advance,
so, I doubt 1 or 2 is the best choice, thanks.