When the Active Directory Certificate Services role and role servers are installed on a Windows Server 2008 R2 system, a Certification Authority is created. The Certification Authority or CA is used to manage and allocate certificates to users, servers, and workstations when files, folders, email, or network communication needs to be secured or encrypted.
When the CA allocates a certificate to a machine or user, that information is recorded in the certificate database on the local drive of the CA. If this database is corrupted or deleted, all certificates allocated from this server become invalid or unusable. To avoid this problem, the certificates and Certificate Services database should be backed up frequently. Even if certificates are rarely allocated to new users or machines, backups should still be performed regularly. The certificate authority database is backed up with a full system backup but can be backed up using the Certification Authority console. To perform a manual backup of the certificate authority, perform the following steps:
1. Log on to the Windows Server 2008 R2 Certification Authority server system with an account with administrator privileges.
2. Click Start, click All Programs, click Administrative Tools, and select Certification Authority.
3. Double-click on the Certification Authority server to initiate the connection in the console.
4. Right-click on the server, click All Tasks, and select Back Up CA.
5. When the Certification Authority Backup Wizard opens, click Next on the welcome page.
6. On the Items to Back Up page, check both check boxes, and in the Back Up to This Location text box, type c:\Windows\System32\CABackup\ and click Next.
7. A window opens stating that the destination folder does not exist; click OK to create the folder and continue.
8. On the Select a Password page, enter a password, confirm the password, and click Next to continue. This password is very important because it will be required to restore the database should that be necessary—so store this password in a safe place.
9. On the Completing the Certification Authority Backup Wizard page, review the settings, and click Finish to create the backup.
10. After the backup completes, the focus is returned to the Certification Authority console. Close the console.
11. Log off of the server.
Source of Information : Sams - Windows Server 2008 R2 Unleashed