Using Preventive Practices for Servers

  • Article

The server where a CA is installed can fail, resulting in a disruption of certificate services. You can use the following preventive practices to reduce the risk of CA failures and to minimize the disruption of CA services:

  • Provide duplicate CA services so that if one server is offline, another server can still issue the appropriate certificates.

  • Back up CAs frequently so that they can be restored with a minimal loss of data.

  • Install certificate services on hard disks by using disk arrays and redundant array of independent disks (RAID) Level 5 protection.

  • Prepare recovery plans and train administrative staff on recovery plans.

  • Maintain records of all server and CA configuration information so that exact configurations can be easily restored.

  • Maintain replacement servers in standby or in ready stores for immediate recovery.