How to migrate CA from Server 2003 to Server 2008 R2 – Part III Restore CA on Destination Server

Article
04/29/2012

本系列包含四大部份 , 相關連結如下

How to migrate CA from Server 2003 to Server 2008 R2 – Part I Backup CA & Uninstall ...

How to migrate CA from Server 2003 to Server 2008 R2 – Part II Install CA Role on Destin ...

How to migrate CA from Server 2003 to Server 2008 R2 – Part III Restore CA on Destinatio ...

How to migrate CA from Server 2003 to Server 2008 R2 – Part IV Post-Migration Tasks

Part III

1. 開啟CA管理畫面進行還原CA動作

2. 還原CA時會先停止CA服務 , 按確定

3. 開始後點選下一步

4. 勾選兩個選項並選擇備份的資料夾

5. 輸入先前備份時設定的密碼

6. 點選完成

7. 點選是啟動CA服務

8. 用Notepad開啟先前備份的CA機碼檔案

編輯CAServerName的值(如果Server名稱一樣則不需要進行更改)

如果原先是使用Standalone CA , 然後轉到Server 2008 R2要使用Enterprise CA時 , 需修改CAType的值成0
修改完成後點兩下匯入, 匯入後請將Certificate Service進行重新啟動的動作讓其生效

CAType值的意義
=============
CAType = 0 (This means it is installed as Enterprise Root CA)
CAType = 1 (This means it is installed as Enterprise Subordinate CA)
CAType = 3 (This means it is installed as Stand Alone CA)
CAType = 4 (This means it is installed as Stand Alone Subordinate CA)

9. 將Source Server的C:\windows\system32\Certsrv\CertEnroll裡面的SourceServerName.domain.com_CAName(X).crt檔案
複製到目的端Server的C:\windows\system32\Certsrv\CertEnroll資料夾內 (如下圖 , server2003是Source Server , 08r2-wins是Destination server)

How to migrate CA from Server 2003 to Server 2008 R2 – Part III Restore CA on Destination Server

Additional resources