SSL Certificate question(s) and on-prem


[H]F Junkie
Feb 16, 2003
So I'm not really that familiar with certs in general. Our primary domain SSL was set to expire end of January, but apparently needed to be rekeyed before 1/1/2022 so our SSL showed as being insecure. After getting it rekeyed and fixed, I found out that there are some software demands that are cloud based that reach to our local AD for profiles and or access locally that alerted about the loss of an SSL connection and need the new cert in order to work again.

So my guess is I need to install the cert locally, as well as give it to the applications the need to access the local AD (for LDAP). I'm just wondering how I can make sure we don't have some sort of cert server vs just adding it to the AD (Which doesn't even look like it had certs before), but we have another machine the seemed to have certs.

I guess I'm a little confused. (This is an infrastructure that I've inherited that has 0 documentation on.)


Supreme [H]ardness
Dec 23, 2001
Look at the cert in question in the site or app that is complaining. If it's signed by an external CA it should be pretty obvious. If it's an internal CA the cert will be signed differently and should name an internal server as the CA.