My Certificate Services servers are in place and ready to create and issue certificates.
I am using the 2 tier approach to Certificate Services.
I have created my stand-alone ROOTCA and my Issuing Certificate Services Server in my domain.
My RootCA has been published to AD with certutil -dspublish and I have added it as well to my trusted ROOTCA's for my domain with a GPO.
I have duplicated my Computer Template and set it up ready to issue certificates after I create them.
I have created a GPO that will be used to issue certificates after I create them.
What are the Best Practices Steps for creating our own certificate to be applied to an application server and the users/workstations that will access it?