Using Preventive Practices for Servers
The server where a CA is installed can fail, resulting in a disruption of certificate services. You can use the following preventive practices to reduce the risk of CA failures and to minimize the disruption of CA services:
Provide duplicate CA services so that if one server is offline, another server can still issue the appropriate certificates.
Back up CAs frequently so that they can be restored with a minimal loss of data.
Install certificate services on hard disks by using disk arrays and redundant array of independent disks (RAID) Level 5 protection.
Prepare recovery plans and train administrative staff on recovery plans.
Maintain records of all server and CA configuration information so that exact configurations can be easily restored.
Maintain replacement servers in standby or in ready stores for immediate recovery.