Hello, we need to build a certificate authority for our signle domain. We have a few applications running on several VMs that need an SSL certificate to do away with the untrusted warning when browsing to the site. We also have a few devices like KVM and routers we'd like to assign them too, but lets keep it baby steps for now.
Once a CA is installed as an enterprise CA it seems to become fairly permanaent and and a commitment to make what you now have work. I was wondering if in our small business scenario if a stand alone CA might be more beneficial. This way if the CA doesn't workout as we planned, it's not as inegrated into AD as a enterprise CA.
I've read the articles, i've tested in a lab enviroment, but CA's seem to be a tough topic to find some real insight on. A lot of write ups seem to assume you know the underlying tasks and requirements of CA , as well as how to manage them and plan for the future.
Anyone have some real life insight on a CA build they did in a similar small business enviroment? Anything I should or should not do? What should I look out for, what should I be doing as far as configuring so I'm not running into headaches down the road in a few years.
Also has anyone installed a CA onto their domain, and then successfully unistalled and remove the CA without completely ruining Active Directory?
I'm far from grasping the certificate authorty conecept in it's entirety and knowing what it can do, but I would love to be able to comfortably set up and manage a CA that can just issues a handful of SSLs to a few servers running some web based application for our users.
Thank you,
Sam