What is the best way to migrate an Offline Root CA to Azure?

Samson Barasa Wanjala 0 Reputation points

I have an offline root CA in my on-premises environment. I also have an Issuing CA. I want to move this infrastructure to the cloud and have an IPSec tunnel connecting back to on-prem infrastructure. I plan to rebuild the Issuing CA in Azure rather than migrating/replicating it. However, I am not sure of the best way to migrate the Offline root CA. Should I export the VHD to Azure and build a new machine using it? Should I bring it online and replicate it to Azure? Or what should I do?

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

1 answer

  1. Carlos Solís Salazar 17,021 Reputation points MVP

    In your case, I would use Azure Migrate (https://learn.microsoft.com/en-us/azure/migrate/migrate-services-overview).
    You create a process server on your on-premises infrastructure and this server has access to the internet. This server must have communication with the Root Server. Yes, you must have online access during the replication.

    Hope this helps!

    Remember to accept the answer if it is helpful.
