The service must be stopped to prevent issuance of additional certificates. The backup files are created in a subdirectory named Database. If the specified directory does not exist, it is created. The specified value can be a relative or absolute path. Open a Command Prompt window, and type net stop certsvc to stop the Active Directory Certificate Services service.īackupDirectory specifies the directory in which the backup files are created. On the Completing the Backup Wizard page, click Finish.Īfter the backup completes, verify the following files in the location you specified:ĬAName.p12 containing the CA certificate and private keyĭatabase folder containing files certbkxp.dat, edb#.log, and CAName.edb
#Revert pending actions server 2012r2 password
Use a strong password for example, at least eight characters long with a combination of uppercase and lowercase characters, numbers, and punctuation characters. On the Select a Password page, type a password to protect the CA private key, and click Next. On the Items to Back Up page, select the Private key and CA certificate and Certificate database and certificate database log check boxes, specify the backup location, and then click Next. On the Welcome page of the CA Backup wizard, click Next. Right-click the node with the CA name, point to All Tasks, and then click Back Up CA. Open the Certification Authority snap-in. To back up a CA database and private key by using the Certification Authority snap-inĬhoose a backup location and attach media, if necessary. On a standalone CA, the default configuration for CA administrators includes the local Administrators group. On an enterprise CA, the default configuration for CA administrators includes the local Administrators group, the Enterprise Admins group, and the Domain Admins group. You must use an account that is a CA administrator. Using certutil for CA backup is covered in the next section. If you prefer, you can use the certutil application to back up the CA database and private key. Complete either one of the backup procedures described in this section. You can back up the CA database and private key by using the Certification Authority snap-in or by using Certutil.exe at a command prompt. This is an optional set of steps if you are migrating to a failover cluster. Granting permissions on AIA and CDP containersĪdditional procedures for failover clustering
Restoring the CA database and configuration on the destination server Joining the destination server to the domainĪdding the CA role service to the destination server Removing the source server from the domain Removing the CA role service from the source server Review all procedures in this topic and complete only the procedures that are required for your migration scenario.
#Revert pending actions server 2012r2 windows
Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 R2, Windows Server 2012
0 kommentar(er)
