I have a Read Only DC installed on Windows Server 2008 R2 Core which is sat in our DMZ. AD replication to the RODC is working fine. The problem I have is that I want a third party (Mimecast) to do an LDAP lookup to the DC via LDAPS, with an SSL cert from GoDaddy. However, it doesn't seem to be working. I have followed both of these guides to install the certificate:
Before I ran the certreq -accept certnew.cer command, I added the Intermediate Certificate as shown in these instructions (but only up to step 18, as IIS is not on this server):
The cert shows up under Personal for the RODC server. However, the Issued to is not coming up with the FQDN but just the hostname of the RODC; not sure if this makes a difference? And the Certificate Path tab shows the following:
When I try and do the LDAPS connection from Mimecast, I get an error, and their support say they can't see any certificate when they are connecting. If I do a normal LDAP connection on 386 from Mimecast it works fine, so I know that the LDAP connection settings are OK and there is something wrong with the certificate, but what that is I'm unsure.