Aloha ahiahi e ka makamaka heluhelu,
E haʻi aku wau iā ʻoe e pili ana i ka moeʻuhane aʻu i hele ai ma ka neʻe ʻana iā CA mai Windows 2008R2 a i Windows 2012 R2. Nui nā ʻatikala ma ka pūnaewele e pili ana i kēia a ʻaʻohe pilikia.
I koʻu minamina, ʻaʻole wau he Windows Admin, ʻoi aku wau i kahi * nix admin, akā ua hoʻonohonoho ʻia ka hana o ka neʻe ʻana o CA - pono e hana ʻia.
Ma lalo o ka ʻokiʻoki, e haʻi wau iā ʻoe pehea wau i hele ai i kēia kaʻina hana a hoʻopau ʻia me kahi mea ʻole-HappyEnd.
A no laila e hele kāua...
ʻIke mua:
Puna - Windows 2008 R2 me ke kumu CA
Kuhikuhi - Windows 2012R2
Ua loaʻa iaʻu ka Windows 2012R2 i hoʻonohonoho ʻia a hoʻonohonoho liʻiliʻi ʻia.
I ka wā mua, penei ka papahana hana (nā hana pōkole):
1) Hana i kahi Backup CA+Private Key a kope iā ia i ka mahele maʻamau no nā kamepiula ʻelua
2) Wehe i ka pahuhopu mai ke kikowaena a hoʻololi i ka IP
3) Hana i kahi paʻi kiʻi o ke kikowaena
4) E hoʻololi i ka IP ma ke kumu
5) Hele mākou i kahi kikowaena Windows 2012R2 hou ma ke ʻano he luna - e hoʻokomo iā ia i loko o ka waihona me ka inoa like a hāʻawi i ka IP kahiko.
6) E hoʻonoho i ke kuleana o ka Active Directory Certificate Service (CA, CA Web Enrollment, NDES, Online Responder)
7) Hōʻike mākou ʻo Enterprise CA kēia
8) E hoʻihoʻi i ka CA+Private Key mai ka waihona
9) Hauʻoli Hope
ʻAe, ʻaʻohe mea paʻakikī. A hoʻomaka wau e hoʻokō. ʻO kaʻoiaʻiʻo,ʻaʻohe pilikia a hele nā mea a pau e like me ka uaki ... Ua hoʻomaka ka lawelawe, uaʻikeʻia nā Palapala Hōʻoia a uaʻikeʻia nā palapala hōʻoia. Ma keʻano laulā, ua maikaʻi nā mea a pau. No laila ua hele au e moe. I ke kakahiaka ʻaʻohe hoʻopiʻi e pili ana i ka hana a CA a no laila ua manaʻo wau ua hana nā mea āpau a hele i nā hana ʻē aʻe. I ke kaʻina hana o ka hoʻoponopono ʻana iā lākou, pono wau i kahi palapala hōʻoia. Ua hana au i .csr a hahai i ka loulou e kau inoa a loaʻa i kahi palapala hōʻoia a i kēia manawa ua hewa. ʻO ka mea pōʻino, ʻaʻole wau i lawe i kahi kiʻi paʻi, akā ua ʻōlelo ʻo ia i ka ʻike like ʻole o ka mea hoʻohana a me kekahi mau hewa ʻē aʻe. ʻAe, eia mākou, manaʻo wau. Ua hoʻomaka wau i ka googling, akā naʻe, ʻaʻole i loaʻa iaʻu kekahi mea i maopopo.
I ke ahiahi ua hoʻoholo mākou e wehe iā CA Windows 2012R2 a hoʻokomo i nā mea hou a pau, a laila ua hewa wau; ma kahi o Enterprise CA, ua koho wau i ke koho Standalone CA (ʻoiai ua aʻo wau e pili ana i kaʻu kuhi ma hope). Ua hana hou au i nā hana a pau ... hele nā mea a pau me ka hala ʻole - akā ke koho wau i ka waihona Palapala Hōʻoia, loaʻa iaʻu ʻaʻole ʻike ʻia ka Element, ʻoiai inā koho wau i ka Manage, a laila aia nā templates.
Ua manaʻo wau ʻaʻole lawa nā kuleana no kēia CN=Certificate Templates, no laila me ka hoʻohana ʻana iā ADSI Edit ua hāʻawi wau iā Read no vm_ca$. Hoʻomaka hou au i ka CertSvc a... hopena: ʻAʻole i loaʻa ka mea.
A laila kaumaha au no ka mea ʻo 2 am ... a ʻaʻole hana ʻo CA. Hoʻopau wau i ka CA Windows 2012R2 a hoʻihoʻi i ka VM CA Windows 2008R2 mai ka paʻi kiʻi. Ke hoʻihoʻi nei au i ke kikowaena iā AD (no ka mea, ke hoʻāʻo wau e komo me kahi moʻokāki domain, loaʻa kahi hewa e pili ana i ka pilina ma waena o ke kikowaena a me AD).
ʻAe, manaʻo wau ... e maikaʻi nā mea a pau i kēia manawa, akā naʻe ... ʻo ia mau nā palapala hōʻoia like - loaʻa iaʻu ʻaʻole i loaʻa ka Element. E waiho wau i nā mea a pau a kakahiaka - no ka mea, ʻoi aku ka naʻauao o ke kakahiaka ma mua o ke ahiahi.
I ke kakahiaka ua google au a heluhelu i nā ʻatikala like ʻole - ua hoʻoholo wau e hoʻokomo hou i ka CA ma ka server kahiko me ka manaʻolana e hoʻonā i ka pilikia Element Not Found a hāʻawi i nā palapala hōʻoia ma o ka Pūnaewele.
He mea maʻalahi ke kaʻina hana:
1) Holoi i ka hana CA
2) Hoʻonui i ka ukana
3) E kali a pau ke kaʻina hana wehe
4) Hoʻohui i ka hana CA (e wehewehe i CA, CA Web Enrollment, NDES, Online Responder)
5) Hōʻike mākou he Enterprise CA kaʻu a he kī pilikino kaʻu
6) Ke kali nei mākou i ka hoʻonohonoho ʻana e hoʻopau a hoʻihoʻi i nā mea āpau mai ka waihona a mākou i hana ai i ka hoʻomaka.
7) E like me ka mea maʻamau, hele nā mea āpau me kahi bang - ʻaʻohe hewa a hoʻomaka ka lawelawe
Me ka puʻuwai puʻuwai, kaomi au i nā Palapala Hōʻoia - a ... ua hāʻawi ʻia iaʻu kahi papa inoa - he lanakila liʻiliʻi kēia. Ke waiho nei ia e nānā i ka hana o ka hoʻopuka ʻana i kahi palapala ma o ka Pūnaewele. Hahai au i ka loulou: a kaomi ma ke noi palapala a laila noi palapala hōʻoia kiʻekiʻe. Hoʻopuka wau ... Ua hiki ke hoʻihoʻi iā CA.
Nā hopena:
1) E hoʻomanaʻo e hana i kahi hoʻihoʻi a paʻi kiʻi
2) E kākau i kāu mau hana - e kōkua kēia iā ʻoe e hoʻihoʻi i nā mea āpau a i ʻole e ʻimi wikiwiki i ka hewa
Ps Pono wau e hoʻāʻo i ka neʻe ʻana o CA mai Windows 2008R a i Windows 2012R2 hou.
Source: www.habr.com