General:
Download makecert.exe and dump in c:\Hyper-V Replication on all hvs servers
create the following subdirectories
import
export
change the server name to have domain name listed (FQDN)
reboot
on each server:
run cmd as administrator
go to were makecert.exe is
on Each Replication Server
step 1
makecert -pe -n “CN=servernameCA” -ss root -sr LocalMachine -sky signature -r “servernameCA.cer”
Replacing Server name with your servers name
step 2
makecert -pe -n “CN=server.fqdn” -ss my -sr LocalMachine -sky exchange -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -in “servernameCA” -is root -ir LocalMachine -sp “Microsoft RSA SChannel Cryptographic Provider” -sy 12 servername.cer
step 3
copy the 2 x .cer files(servername.cer and servernameCA.cer) to export folder
step 4
run mmc, select certificates, local computer, go to personal certificates and export servername.domain.local with private key, to export folder, name the cert servernameexport.pfx password 1234, so this for all other servers as well
step 5
reg add “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Replication” /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f
step 6
reg add “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Failover\Replication” /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f
step 7
reboot
step 8
copy the export folder content of each server to the import folder of the other servers
step 9
on all Servers:
run cmd as administrator
go to where import folder is (C:\Hyper-V Replication\import)
step 10
certutil -addstore -f Root “servernameCA.cer”
step 11
double click on “sernameexport.pfx”, 1234 password
Step 12
Enable Replication Server as Replica Server
Step 13
on Replication Server, setup replication and choose certificate on Other Server, setup replication and choose certificate.