Weird situation. Site with only 1 edirectory server in the tree. Edirectory though shows 2 by the same ip address. Documenting it appears there was one in the past that got hosed and customer reinstalled with different name, so both show valid in tree, even though there is only one physical vm running. The CA in the tree is shown to be held by server that is no longer around, certificates show valid though. I was going to try and export the cert and move it to the other server, but I get the following error when I try to export it:

The distinguished name for the security container is not in the proper format.

I am not finding anything on this message anywhere. The plan is to install 3 new edirectory servers into this tree and then get rid of the mess that is there now, but I want even attempt it with not knowing if CA is working right or not. Any thoughts or help would be appreciated.