The tasks can be summarized in four steps assuming you followed the steps in your key signing ceremony to retrieve the CA.
-
Issue a new Certificate Revocation List (CRL) and publish it to the configured Offline Certification Authority distribution points.
-
Apply major release updates to the offline Certification Authori>