We have a Certificate Authority that we would like to migrate. Current OS: Windows Server 2012R2
Would like to migrate the CA to the new VM with Windows Server 2019. But with the export of the CA we have following error: 'Windows cannot back up one or more private keys because the CSP does niet support key export".
The certs are only issued to clients and servers. (Computer (machine), Domain Controller Authentication, Kerberos Authentication)
I installed the CA role on the new Server 2019 machine and configured a new root CA.
I removed the certificate templates from the old CA server.
I see that new clients are getting the certs from the new CA server. Is there a way where we can force the clients with certs from the old CA to renew this so they receive also a new cert from the new CA? Or do we simply need to wait when the old certs are expired?
Would like to know when we can fully uninstall the old cert server.
Thanks in advance!