Backup PKI (Active Directory Certificate Authorities)

Last Updated on

#@
#Revision v1.00
#(20.03.2020)
#backup to the network ..\2-Betrieb\backup\BA_pki

#local backup:
#1)Certificate Security Protocol,
#2)Templates published at the CA,
#3)Private Key,
#4)Certificate Database and logs
#5) HKLM\System\CurrentControlSet\Services\Certsvc\Configuration.

#delete first the network backup
Remove-Item \\<path>\Backup\BA_PKI\backup -recurse
#copy the previous local backup to the network
copy-item -path “C:\backup” -Recurse -Destination “<path>\BA_PKI\backup”
#delete the local backup
remove-item c:\backup\ -recurse
new-item -Path c:\ -name backup -ItemType directory
#take a new backup
certutil -backup -p Password c:\backup
reg export HKLM\System\CurrentControlSet\Services\CertSvc\Configuration c:\backup\regkey.reg
Certutil –getreg CA\CSP > C:\Backup\CSP.txt
Certutil –catemplates > C:\Backup\CATemplates.txt
#that way we have two different backups.The one in the network is one step older than the one already taken 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *