Build AD Certificate Authority (CA) using 3rd Party Wildcard SSL Certificate

Ricky Helmer asked on
* LDAPS * PKI CERTIFICATES * Enterprise Certificate Authority * Windows OS * Active Directory
We are rebuilding our entire Active Directory environment. I've seen many posts on the Internet about building the CA server and that it is best practice to keep it separate from the Domain Controller. I also believe there is something about building an offline CA, but in terms of keeping things manageable, I'm not sure if this is a must for us. I always have trouble with certificates and building the CA, and it's hard to find instructions applicable to our environment, unless perhaps I'm misunderstanding them.

We have a 3rd Party wildcard certificate issued from GoDaddy (used for network devices, etc). I'd like to build a Windows Server 2016 CA on a separate VM than our DC. I also want to utilize certificates for LDAPS and the client machines that are joined to our network.

Can someone advise of the steps in order to accomplish this? I've found these notes on building the CA; however, it doesn't say anything about using a 3rd party certificate. Or perhaps I don't need a 3rd party certificate for LDAPS and internal machines?