Moving SCCM to new Root CA

Lazher YAAKOUBI 381 Reputation points


I plan to remove and reconfigure Root CA in my environment, the SCCM infrastructure uses a PKI, so my question, if I remove the Root CA server and configure another one, I need to configure the SCCM environment with a new certificate from the new root CA or I have to use some other method to do it.


Microsoft Configuration Manager
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Jason Sandys 31,181 Reputation points Microsoft Employee

    You can have multiple root CAs to help facilitate a slower transition. The root CA configured ion the client communication tab of the site is used for client cert selection and this CA is also added as a trusted root on devices going through OSD.

    What's happening to old root CA?

    1 person found this answer helpful.