Edit

Share via

Backing Up Certificate Services

  • Article

The following is a scenario showing how you can use the Certificate Services backup functions to back up a Certificate Services database and its associated files.

  1. Load the Certadm.dll library into memory (by calling LoadLibrary).
  2. Retrieve the address of each of the necessary functions in Certadm.dll (by means of GetProcAddress). Use these addresses when calling the functions in the remaining steps.
  3. Call CertSrvIsServerOnline to determine whether Certificate Services is online. Certificate Services must be online for the backup operations to be successful.
  4. Call CertSrvBackupPrepare to start a backup session. The resulting Certificate Services backup context handle will be used by many of the other backup functions.
  5. Call CertSrvRestoreGetDatabaseLocations to determine the restore map. The restore map contains the paths to be used when restoring the backup. Save the information retrieved by CertSrvRestoreGetDatabaseLocations to an application-specific location.
  6. Call CertSrvBackupGetDatabaseNames to determine the names of the database files to backup. For each of these files, execute steps 7 through 9.
  7. Call CertSrvBackupOpenFile to open the file for backup.
  8. Call CertSrvBackupRead to read a portion of bytes from the file, then call an application-specific routine to store the bytes on a backup medium. Repeat this step until all of the bytes in the file are backed up.
  9. Call CertSrvBackupClose to close the file.
  10. Call CertSrvBackupGetBackupLogs to determine the names of the log files to backup. For each of these files, execute steps 7 through 9.
  11. Call CertSrvBackupTruncateLogs to truncate the log files which were backed up in steps 6 and 10. This step is optional; however, call CertSrvBackupTruncateLogs only if all files returned by CertSrvBackupGetDatabaseNames and CertSrvBackupGetBackupLogs have been backed up (otherwise, the restore operation will fail). Consult the CertSrvBackupTruncateLogs reference page for details.
  12. Call CertSrvBackupGetDynamicFileList to determine the names of the non-database files to backup. These files are only identified by the function, and must be backed up by some other means.
  13. Backup the dynamic files identified in step 12, using routines separate from Certadm.dll.
  14. Call CertSrvBackupEnd to end the backup session.
  15. Call CertSrvBackupFree as needed to release buffers allocated by certain Certificate Services backup functions. Calls to CertSrvBackupGetBackupLogs, CertSrvBackupGetDatabaseNames, and CertSrvBackupGetDynamicFileList will allocate buffers that can be freed by a call to CertSrvBackupFree.
  16. Release the Certadm.dll resources by calling FreeLibrary.

For information about the privileges required to back up the Certificate Services database and associated files, see Setting the Backup and Restore Privileges.