30 September 2014

How to backup your CA

1.      In Server Manager, click Tools > Certificate Authority.
2.      Right-click your certificate authority name, select All Tasks > Backup CA.... On the Wizard            Welcome page, click Next
3.      Select the Private key and CA certificate and Certificate database and certificate database            log items to backup.
4.      Enter c:\backup in the backup path field and click Next > OK on the popup to create the                      directory.
5.      Enter a strong password on the Select a Password page and click Next > Finish.

An alternate method is to use the command certutil –backup c:\backup at command prompt and then enter a password when prompted.
Now we have backed up the private key, database and log files.
Next, we need to back up the CA’s registry settings.

6.      Using command prompt, execute the following command:
Reg save HKLM\System\CurrentControlSet\Services\CertSvc c:\backup\CAconfig.hiv
7.      Copy the CApolicy.inf file (if exists) to C:\Backup.
8.      Using command prompt, execute the following command:         Certutil –v –CAtemplates > C:\Backup\Templates.txt

More info can be found here

No comments:

Post a Comment