Hello all, thanks in advance for any help you may be able to give. I'll be the first to admit I'm not an expert on certificates, but I've read a ton of information online and I can't seem to find a clear cut answer to what I'm seeing here.
The only reason I migrated AD CS to this new domain controller a year or two ago was because I was afraid it was being used by something I can't "see" in front of my eyes, and if I didn't I would break something! As far as I know it is not integrated into anything we do, but it may be doing some work behind the scenes so to speak. I wasn't the one who originally installed it, of course.
-The CA is expired and has been for several months
-All issued certificates are expired and have been for several months
-The only thing I'm seeing in "failed requests" is requests several times a day by all the other DC's in the domain. They are failing with "required certificate not in it's validity period" - I'm assuming this is because the CA is
expired
My question is - can I simply uninstall AD CS, since there are no "active" certificates currently and everything is running fine? Or should I just renew the CA and let them get new certificates? The only reason I lean towards uninstalling is, when there is something running that I don't explicitly have a reason to run, I tend to want to get rid of it. Bit of an OCD "neat freak" when it comes to the environment. Thanks!