In our past blogs on the subject of Windows Server ADCS backups, we have touched on the issue of jet database logs not being truncated and deleted in some scenarios. https://www.pkisolutions.com/adcsbackups/ https://www.pkisolutions.com/database-log-files-are-not-truncated-when-you-perform-a-full-certification-authority-database-backup/ Specifically, if backups are performed via snapshot or non-VSS based backups and secondly, if any logs are still held open by the jet…

Read More

In my last blog post (Backing up ADCS Certificate Authorities Part 1) I covered the inner workings of how ADCS and the Jet database works to maintain the CA data. In this post I am going to go over a comprehensive PowerShell script that I wrote to perform a full backup of all necessary ADCS…

Read More

One of the areas I have spoken about extensively at conferences and cover in our training classes is the unique issues associated with backing up and managing your ADCS Certificate Authority. There are several items I would like to address in this two-part series: CA Database and log file structure Unique issues with VM Snapshots with…

Read More

In a previous post, I discussed the configuration and isolation of true offline Certificate Authorities. There I made reference to the fact that an offline CA is one that never sees the light of day, figuratively that is. The CA should be air-gaped from the network, which requires physical access to the CA to manage and…

Read More