Before moving KMS users from one Key Management server to
another, you must save the certificate of the destination Key
Management server. KMS will use this certificate to encrypt all
Advanced Security information, protecting it from detection during
transmission. Also, using the destination server's certificate
ensures that only the intended Key Management server will be able
to read it.
To save the KMS certificate on the destination server:
On the Start menu, point to
Programs, point to Microsoft Exchange, and then click
In the console tree, click Advanced Security.
In the details pane, right-click Key Manager, point to
All Tasks, and then click Save KMS Certificate.
In the Key Management Service Login dialog box, type
your password, and then click OK. The default password is
Note You will have to re-type
your password each time you try to perform a task or click a tab in
the Key Manager Properties dialog box.
To select a destination for the certificate, in Save KMS
Certificate, type in a path, or click Browse. The
certificate will be saved with a .crt extension. The location you
choose must be accessible by the exporting Key Management