Quantcast
Viewing all articles
Browse latest Browse all 12072

Can you have two Enterprise CA on the same AD Domain at the same time

Hello

Can someone please help me with the following question

If I have a Windows 2003 R2 Enterprise Root CA on the AD Domain can I also Add a separate Windows 2012 R2 Enterprise Root CA to the same domain.

We do not use Autoenrollment on the existing 2003 R2 CA.

Network guys want to introduce a Cisco BYOD (Bring Your Own Devise) solution using Cisco ISE (Identity Services Engine) which uses SCEP/NDES and therefore need certificates from CA. The thing is the ISE recommend 2008 AD CS as a minimum

Therefore I wonder if Installing a 2012 R2 Root CA that only provides certificates via the NDES/ISE solution would be a possibility. 

I understand the Root CA Cert is held in a container under the 'Configuration' partition in Active Directory. Therefore can you have Two Root CA certs in the AD container at the same time for the same AD Domain/Forest?

The idea would then be to migrate other services to the new CA and phase out the old 2003 R2 CA over time.

Thanks All

AAnotherUser__


AAnotherUser__


Viewing all articles
Browse latest Browse all 12072

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>