Removing old CA - New CA isn't listed in Sites & Services | Certification Authorities

Gregg Hughes 291 Reputation points
2021-03-31T14:57:07.77+00:00

Good morning, all!

I'm preparing to remove an old CA from our AD structure. The old CA is listed in Sites & Services | Certification Authorities, but the new one isn't. I went from a single Enterprise CA to a two-tier standalone CA/Issuing CA structure as per Microsoft's Best Practices.

Is having a standalone root CA, not part of AD, the reason I don't see the new servers in Sites & Services? If so, I can safely delete the OLD CA from Certification Authorities with no ill effect?

Thanks!

Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,701 questions
0 comments No comments
{count} votes

Accepted answer
  1. Vadims Podāns 8,861 Reputation points MVP
    2021-03-31T15:01:42.603+00:00

    you have to publish it manually using certutil:

    certutil -dspublish -f rootcacert.crt RootCA
    

0 additional answers

Sort by: Most helpful