Unused ADCS for Server 2008 R2 Standard. What are the risks associated with removing this service?
I have inherited this system and I am looking at decommissioning this server 2008 R2 Domain Controller/ADCS Server. This role (ADCS) was never actively used by anyone. I believe, just because it was installed, that the member domain controllers have used it to create certificates. I have revoked all of the certificates that have expired under the "Issued Certificates" folder of the CA. There are 4 active certs here, one for each DC under the template "Domain Controller (DomainController)" and one for the CA under "CA Exchange (CAExchange)".
I have the private key backed up and I have the "ADCS Database" backed up to a folder. I have Full image backups of this server as well. I am looking to uninstall the ADCS service and dcpromo this server but I don't have a lot of experience and understanding on this to know if it is safe. I am using this removal guide but just want to ask the community if I have anything to worry about by revoking the DC and CA certs that are listed and following through with the removal of the ADCS Role.
Solution 1:
There is nothing to add: just do it. CA seems to be unused, so there is no implications in removing it accordingly to referenced guide.