Share via

What is the best way to migrate an Offline Root CA to Azure?

Samson Barasa Wanjala 20 Reputation points
2024-05-07T04:04:56.6766667+00:00

I have an offline root CA in my on-premises environment. I also have an Issuing CA. I want to move this infrastructure to the cloud and have an IPSec tunnel connecting back to on-prem infrastructure. I plan to rebuild the Issuing CA in Azure rather than migrating/replicating it. However, I am not sure of the best way to migrate the Offline root CA. Should I export the VHD to Azure and build a new machine using it? Should I bring it online and replicate it to Azure? Or what should I do?

Microsoft Security | Microsoft Entra | Microsoft Entra ID
Answer accepted by question author
  1. Carlos Solís Salazar 18,376 Reputation points MVP Volunteer Moderator
    2024-05-07T20:18:26+00:00

    In your case, I would use Azure Migrate, https://learn.microsoft.com/en-us/azure/migrate/migrate-services-overview.
    You create a process server on your on-premises infrastructure and this server has access to the internet. This server must have communication with the Root Server. Yes, you must have online access during the replication.

    Hope this helps!

    Remember to accept the answer if it is helpful.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.