Windows Domain Controller - SSL Cert with Two Hosts In Subj. Alternative Name (SAN)

200mg

11/15/22, 1:15 PM

My Domain Controllers auto enroll and get a Computerv2 cert that handles server authentication. One of the apps we use requires an SSL cert with a SAN that contains multiple hosts. I know how to create a certificate request that contains multiple hosts in the SAN. I have a couple of questions.

Can I just delete the auto enrolled Computerv2 certificate and import the private key for the multi SAN certificate to both Domain Controllers in the SAN
Could this break anything ADDS related? I think ADDS replication encrypts with Kerberos so I should be ok there.

0 + 1

ssl

active-directory

certificate-authority

windows-server-2016

garethTheRed

11/15/22, 4:05 PM

Just enroll for another certificate for the app.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Windows Domain Controller - SSL Cert with Two Hosts In Subj. Alternative Name (SAN)

TH: Windows Domain Controller - ใบรับรอง SSL พร้อมโฮสต์สองโฮสต์ใน Subj. ชื่อสำรอง (SAN)

RO: Controler de domeniu Windows - Cert SSL cu două gazde în Subj. Nume alternativ (SAN)

RU: Контроллер домена Windows — SSL-сертификат с двумя хостами в Subj. Альтернативное имя (SAN)

VI: Bộ điều khiển miền Windows - Chứng chỉ SSL với hai máy chủ trong Subj. Tên thay thế (SAN)

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.