Windows Server 2008 R2 achieved end of support via Microsoft on January 14th 2020. In a previous post, steps were detailed on Active Directory Certificate Service migration from 2008 R2 to 2019 but required the new Windows Server 2019 server to have the same name as the previous 2008 R2 server. Many of you have reached out asking for an update of the steps to reflect Active Directory Certificate Service migration from 2008 R2 to 2016 / 2019 containing a different name. A solution has been found and tested with repeatable steps shared below.
NOTE: The following was tested in a lab environment. While the solution was successful it may not reflect your organization's current setup. Please test the steps below in a lab environment prior to implementing on production.
Backup of the Certificates is now complete and the files can now be moved to the new Windows 2016 / 2019 server.
*NOTE: The screenshots below show the server name as WS2019 to highlight which server we are working on. This step-by-step highlights screenshots from Windows Server 2019. Windows Server 2016 process is the same with similar screenshots
In this step will look in to configuration and restoring the backup created previously
net stop certsvc
It is now time to reissue the certificate with the migration process now complete.
This completes the Active Directory Certificate Service migration steps from 2008 R2 to 2016 / 2019 containing a different server name.
The following video also shares steps surrounding this process as well as migrating DNS.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.