Certificate Authority Revocation issues: CRL db lost in migration
We currently have a CA which was migrated from a retired server no longer available - over 6 months now but they didn't complete the migration, and the revocation database is missing. We're now experiencing issues with certs issued but the former server that it cannot issue renew certs. What is the best approach to this? I can create another CA server but what about the root certificate of the current one? How do you point renew requests to the new server if there is no revocation DB for the already issued certs? What about the current certs issued by the current server if I migrate the current one to a new CA? I do have copies of the system32\certsrv folder and CA backup from the retired server, but this backup was used to migrate the current one which resulted in its current state. Can the revocation db just be imported? Any help would be appreciated! Thanks.