Posted June 4, 201014 yr It is probably a basic CA question for a simple single Domain environment. Currently I have an Enterprise Certification Autority installed on one of the Domain controllers. The Controller is a Windows 2000 Server that we would like to upgrade. I use a self-signed certificate for OWA and for IAS authentication for my wireless clients. I cannot easily upgrade the domain without migrating the Certification authority or removing it completely from the domain controller. It looks that the second option (removing the old CA and creating a new one) is much easier. So, I plan to: Remove the CA from the domain controller Clean the references to the CA in the Active directory. Install a completely new Certification authority on a Windows 2003 member server. At what point will my clients to OWA and to the Wireless network become unable to authenticate: 1. As soon as I remove the current certification authority, 2. As soon as my current certificate expires? 3. As soon as I deliver them (manually) the new certificate? Could I make this transition period transparent for the users? Could I use for a certain time both certificates (old and new) for the IAS and OWA webmail? Thank you in advance for any suggestion.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.