Link to home
Create AccountLog in
Avatar of RimFire007
RimFire007

asked on

server 2016 install certificate services without active directory

I need to install a web-service related Win 2016 std / IIS server on the DMZ. We will use public SSL certificate on that. It will then query data form AD LAN SQL server.

What is the best practice to do this keeping in mind that I have read that you don't want to have AD joined servers on the DMZ?

I have installed public SSL certificates only to AD Servers and now I don't know what to do with this workgroup 2016 std server regarding public SSL certificate.

I believe tat I need to install IIS on this server.
Avatar of Mahesh
Mahesh
Flag of India image

If your server remains accessible from internet, use public ssl certificate
If server remains accessible with internal network onlythen use certificate from internal ca
Avatar of RimFire007
RimFire007

ASKER

Yes, it will remain accessible from internet, so I will use public ssl certificate. What I'm trying to question is would In I need to install AD certificate services to the server which indicates imo that I need to join the server to the domain - maybe even dcpromo it which seems to me bad idea.

In other words how can I install public SSL certificate to this workgroup 2016 std server?
ASKER CERTIFIED SOLUTION
Avatar of Mahesh
Mahesh
Flag of India image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
The other consultant involved this project created the CSR at the WorkGroup Server. I were able to purhace the SSL certificate. I think this case is now solved.