Hi,
I would like to know how certificates work in both windows and Linux clients.
Here is my setup. We have a windows internal CA, we have windows domain controllers that serve as our ldap server. We have in dns Host A record ldap-dc.domain.com point to two ip address of our domain controllers. We did this so that they will use the FQDN in ldaps connection string for failover.
1. Will windows based applications that connect via ldaps require a certificate? If so, where did that certificate should come from? Should it come from our Domain controller which its certificate is issued by our internal CA?
2. The certificate of our domain controllers did it came automatically from our CA since I don't recall requesting for certificate when setting up domain controller? How will windows client machines make use of this certificate? Do they receive it automatically?
3. How about for apps based on Linux that will use ldaps? Where should it's certificate come from? Does it need to request for certificate or will it use the domain controller's certificate by importing it on the Linux machine?
Thanks!