Certificate Authority - Server 2012 R2

We just upgraded our domain controllers to 2012 R2.
I noticed we do not have a certificate authority in our environment.

Do we need one, and what are the ramifications if we do not have one in the environment.

What is best practice?

Thanks
techgeniousAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
You may or may not need a CA for your environment. That is entirely about your environment itself. As an example, does everyone need a file server?  Many networks do. But those that are heavily cloud-centric may be using OneDrive for Business or DropBox Business and a file server has no benefit.  This is true for almost every role, and ADCS is no different. There are some use cases for an internal CA, and there are some environments  where it'd offer no benefit whatsoever.

As with any network planning, start with what you want to do, then pick the services that get you there. If nothing you want requires a CA, don't install ADCS anywhere. If something you want has a PKI dependency, or if a role explicitly requires a CA, you'll find out quickly during your planning.

-Cliff
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
akalyan911Technical ConsultantCommented:
it is depend on your domain environment, You can install the AD - Certificate Services if is required. without installation also you can work out..

AD CS starting in Windows Server 2008 provides customizable services for creating and managing public key certificates used in software security systems that employ public key technologies ... in your environment is small and not having much software application, i would suggest you to not install..

you can go through the Microsoft Technet articles from more information..
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.