No announcement yet.

Remove enterprise CA

  • Filter
  • Time
  • Show
Clear All
new posts

  • Remove enterprise CA

    Working on removing an enterprise ca from a domain using Microsoft's KB889250. Just a little confused about step 6 (remove objects from AD). In step 3 you are asked to publish a CRL, but won't removing AD CA objects also remove the CRL? The main certificate is expired and the only certificates issued are to DCs. Is it necessary to delete the AD objects if you publish a CRL? If anyone can provide any assistance in removing the CA it would be greatly appreciated.
    Many thanks in advance.

  • #2
    Re: Remove enterprise CA


    Well when you talk about removng CA from your domain, the first question you need to answer is where all you are using the certificates issued by this CA.

    and if you are not using these certs anywhere then just uninstall it from appwiz.cpl>win components...and forget about it, no need to worry abt it

    pledge technologies
    Best Regards,
    Pledge Technologies


    • #3
      Re: Remove enterprise CA

      Thanks for the reply. We were able to look further into the server. Evidently it was once used for OWA. The certs issued is to OWA and the DCs. We took the CA offline and the DCs starting logging KDC warnings. The concern is that AD may not function correctly if the CA is not properly removed. Any advise would be greatly appreciated.