Evaluating Backup Methods

Although it is generally recommended to implement Windows server backups when planning for CA disaster recovery, there are circumstances where it is preferable to perform a manual backup. For example, if you replace a server, a system state backup (included in the Windows server backup) may not start.

No matter which method you ultimately choose for protecting your CA, ensure that you perform regular CA backups.

  • For online CAs, perform full backups of the CA database nightly. This ensures that in the event of failure, the worst-case scenario is that you restore to the state at the time of the last full backup.

  • For offline CAs, perform full backups each time you access the offline CA. This occurs whenever you publish a new ...

Get Windows Server® 2008 PKI and Certificate Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.