Moving SCCM to new Root CA

Lazher YAAKOUBI 381 Reputation points
2021-09-19T17:53:07.25+00:00

Hi,

I plan to remove and reconfigure Root CA in my environment, the SCCM infrastructure uses a PKI, so my question, if I remove the Root CA server and configure another one, I need to configure the SCCM environment with a new certificate from the new root CA or I have to use some other method to do it.

Thanks.
A+

Microsoft Configuration Manager
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Jason Sandys 31,181 Reputation points Microsoft Employee
    2021-09-20T03:17:07.287+00:00

    You can have multiple root CAs to help facilitate a slower transition. The root CA configured ion the client communication tab of the site is used for client cert selection and this CA is also added as a trusted root on devices going through OSD.

    What's happening to old root CA?

    1 person found this answer helpful.