Unused ADCS for Server 2008 R2 Standard. What are the risks associated with removing this service?

windows-server-2008-r2 ad-certificate-services

I have inherited this system and I am looking at decommissioning this server 2008 R2 Domain Controller/ADCS Server. This role (ADCS) was never actively used by anyone. I believe, just because it was installed, that the member domain controllers have used it to create certificates. I have revoked all of the certificates that have expired under the "Issued Certificates" folder of the CA. There are 4 active certs here, one for each DC under the template "Domain Controller (DomainController)" and one for the CA under "CA Exchange (CAExchange)".

I have the private key backed up and I have the "ADCS Database" backed up to a folder. I have Full image backups of this server as well. I am looking to uninstall the ADCS service and dcpromo this server but I don't have a lot of experience and understanding on this to know if it is safe. I am using this removal guide but just want to ask the community if I have anything to worry about by revoking the DC and CA certs that are listed and following through with the removal of the ADCS Role.


Solution 1:

There is nothing to add: just do it. CA seems to be unused, so there is no implications in removing it accordingly to referenced guide.

Related

Ubuntu add repo app-key fails
Trying to update windows defender from UNC path continuously fails
iptables - logging new connections
Apache SSL certificate and Private key
Lighttpd static file server 403 forbidden error
Fixing BIND9 rndc error "connection to remote host closed"
FFMPEG - Failed locking bitstream buffer: not enough buffer (14): .35x Video encoding failed
Webcam with usb extension Cable
Save groups of tabs in edge or chrome
Chrome Tab Group Migration/Sync
How to make alerting window come to the foreground
CPU utilization won't go above 30%