ADCS: Trouble backing up CA DB from command prompt

  • Question

  • I'm attempting to take a full backup of the CA database from command line, and having no luck:

    >certutil -backupdb c:\temp\cabackup
    Full database backup for\Contoso Infrastructure Authority
    Not a valid backup target directory: c:\temp\cabackup.
    CertUtil: -backupDB command FAILED: 0x80070005 (WIN32: 5)
    CertUtil: Access is denied.

    Here's my situation:

    - Role separation is enabled.
    - I am running a console window running as the CA Backup account.
    - The CA Backup account has permissions to back up the CA.
    - The CA Backup account has full permissions on the folder I'm specifying for the backup to be written.
    - I've tried pre-creating the "backup061719" subfolder
    - I confirmed I can write to the directory as the CA Backup account by running break > c:\temp\cabackup\test.txt

    I'm completely out of ideas. Any suggestions?

    Monday, June 17, 2019 4:34 PM

All replies

  • Hi,

    Thanks for your question.

    To create the backup of the CA database, you can only hold the common criteria role of backup operator. Please ensure your account has permissions to back up the CA. Maybe you can try to run cmd as administrator again.

    Also, you can try to use a PowerShell cmdlet to help you do it.

    Backup-CARoleService -Path "C:\temp\CABackup" -DatabaseOnly

    Tip: run PowerShell as administrator and run the cmdlet.

    Best regards,


    Just do it.

    Tuesday, June 18, 2019 2:50 AM
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If not, please reply and tell us the current situation in order to provide further help.

    Best Regards,


    Just do it.

    Tuesday, July 9, 2019 7:36 AM
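
A preflight for the suggestion in the first reply, as an added example that is not part of the thread: it records which account and token the session is actually using, repeats the folder checks from the question, and then calls the `Backup-CARoleService` command quoted in that reply. It assumes the backup role corresponds to the "Back up files and directories" user right (`SeBackupPrivilege`); the variable names are illustrative.

```powershell
# Added example (not from the thread). Run it in the same console session
# that will perform the backup, e.g. the one started as the CA Backup account.
$BackupPath = 'C:\temp\CABackup'   # target folder used in the reply

# 1. Which account is this session really running as?
$identity = [Security.Principal.WindowsIdentity]::GetCurrent()
Write-Host "Running as: $($identity.Name)"

# 2. Is the backup privilege present in this token? /nh drops the localized
#    header row, so the columns are named here instead.
$privs = whoami /priv /fo csv /nh |
    ConvertFrom-Csv -Header Name, Description, State
$backupPriv = $privs | Where-Object { $_.Name -eq 'SeBackupPrivilege' }
if ($backupPriv) {
    Write-Host "SeBackupPrivilege: present ($($backupPriv.State))"
} else {
    Write-Warning 'SeBackupPrivilege is not in this token; check the user right and whether the console is elevated.'
}

# 3. Target folder: does it exist, what is in it, and can this token write to it?
if (-not (Test-Path -LiteralPath $BackupPath -PathType Container)) {
    New-Item -ItemType Directory -Path $BackupPath -ErrorAction Stop | Out-Null
}
$existing = @(Get-ChildItem -LiteralPath $BackupPath -Force)
Write-Host "Items already in ${BackupPath}: $($existing.Count)"
$probe = Join-Path $BackupPath ("probe-{0}.tmp" -f [guid]::NewGuid())
try {
    [IO.File]::WriteAllText($probe, 'probe')
    Remove-Item -LiteralPath $probe
    Write-Host 'Write test: ok'
} catch {
    Write-Warning "Write test failed: $($_.Exception.Message)"
}

# 4. Run the database-only backup from the reply and surface the real error.
try {
    Import-Module ADCSAdministration -ErrorAction Stop
    Backup-CARoleService -Path $BackupPath -DatabaseOnly -ErrorAction Stop
    Write-Host 'Backup completed.'
} catch {
    Write-Error "Backup failed: $($_.Exception.Message)"
}
```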