Generate new self-signed CA for Windows 2012 CA

windows ad-certificate-services

Solution 1:

Actually, you don't need to remove CA role or start over. You can simply renew CA certificate with new key pair. Before this procedure you need to make the following changes on CA server:

certutil -setreg ca\csp\cnghashalgorithm sha256
net stop certsvc && net start certsvc

and renew CA certificate. During prompt select to generate a new key pair.

Related

Windows 7: Deploying Printer Settings without a Print Server
Tcpdump maximum split file size
Modifying kernel cmdline in Ubuntu
ping and traceroute does not work when UFW deny outgoing by default
Hyper-V offline migration between AMD and Intel Processors
How to make connections answer from the same gateway they entered in RouterOS?
How does LSI MegaRAID actually lay out RAID10 sets?
Proxy dropping custom headers with https
The requested operation requires elevation
Complex chain rule for complex valued functions
Can a sequence of unbounded functions be uniformly convergent?
How to explain the division rule in counting problem in a easy way?