Hi all,
I've followed this documented procedure to migrate my standalone root CA from a Windows Server 2003R2 to Windows Server 2012R2:
http://technet.microsoft.com/en-us/library/dn486805.aspx
In the article there is no mention about public key length but, at the end of the procedures when I try to start the new CA I got the error "a signature algorithm or public key length does not meet the system's minimum required strength".
my old CA has a 512bit key length, I guess Windows 2012R2 does not support anything less then 1024 bit, so I cannot migrate? I think that if I change my CA's certificate I've to reconfigure a lot of things in my AD...