My company has asked our team to implement a PKI solution so we can encrypt and digitally sign emails and files, and authenticate users for web-based applications that are on DMZ servers (bounce authentication against internal AD servers from the DMZ).
Our current environment is: Active Directory with domain controllers running Windows Server 2008 R2.
Multiple member servers on 2008 and some on 2003. Some applications are in our internal domain and some are located in the DMZ.
What is required to start this implementation? PKI server, Certificate signing (Microsoft-local vs Third-Party).