<div>
How about machines that are members of the domain? &nbsp;One site is OWA, the other is a citrix gateway for remote access. &nbsp;I'm assuming that domain member machines would trust the certificate.
</div>


How about machines that are members of the domain?  One site is OWA, the other is a citrix gateway for remote access.  I'm assuming that domain member machines would trust the certificate.

<div>
No, they would not. You would have to import the cert into the trusted root certification authorities folder for them to accept without error.
</div>


No, they would not. You would have to import the cert into the trusted root certification authorities folder for them to accept without error.

<div>
<div class="content wysiwyg-content">
I'm trying to understand what the purpose of the certificate authority role is in a 2008 domain. &nbsp;Is there a basic article you could point me to that would cover the very basics of certificates, the different kinds out there, and what specifically the certificate authority in a domain does? &nbsp;For instance there are two publicly available websites in my domain and both use a certificate we purchased from go daddy. &nbsp;Could I use an internal certificate server to generate these instead of paying for them?
</div>
</div>


I'm trying to understand what the purpose of the certificate authority role is in a 2008 domain.  Is there a basic article you could point me to that would cover the very basics of certificates, the different kinds out there, and what specifically the certificate authority in a domain does?  For instance there are two publicly available websites in my domain and both use a certificate we purchased from go daddy.  Could I use an internal certificate server to generate these instead of paying for them?

Purpose of Certificate Authority in a domain?

Encryption is the process of encoding messages or information in such a way that only authorized parties can read it. In an encryption scheme, the intended communication information or message, referred to as plaintext, is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.

Encryption

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.