Hi Guys and Gals,
I have a single enterprise CA Server 2012 Ent, and I want to make it resilient.
I am using VMWare, and shared disk is not supported (and it makes backups impossible via VCB), so I am guessing that Failover Clustering for CA is a no go.
I was thinking about 1 parent CA and 2 subordinates, then taking the parent offline. Will this let either of the subordinates fail and the over sub CA verfiy and issue certs? I ask because we are using Network Access Protection and the validity period of these certificates are 4 hours, then would need renewing from a CA.
Can any kind soul point me in the right direction for setting up a resilient CA without failover clustering?
Thanks!
Ps. I have spent an age looking for docs on how to make a CA resilient, no best practice docs to be found by me :(
:-)