This is a discussion on Active Directory Certificate Services (ADCS) within the Operating systems forums, part of the Tutorials category; Active Directory Certificate Services (ADCS) Multiple places in this book speak of certificates, particularly regarding Secure Sockets Layer (SSL) and ...
Active Directory Certificate Services (ADCS)
Multiple places in this book speak of certificates, particularly regarding Secure Sockets Layer (SSL) and the encryption of data. You have seen a number of options, including self-signed certificates, which require extra steps on clients to use the certificates. At the other end of the scale, you can purchase certificates from Internet trusted certificate authorities (CAs), such as VeriSign and RapidSSL, which are trusted by all Internet clients but cost money. In the middle are domain certificates, which are issued by a CA that exists within your infrastructure. A domain certificate is a great solution for services that are used internally in an organization or only by clients who are part of the domain and so will trust the domainís CA.
When you make a server a CA, you cannot change its name or domain membership. You canít even promote or demote its domain controller status, so make sure your server is as needed from a configuration perspective before you install ADCS on it.